def getWebApp(api: QualysAPI.QualysAPI, webappid: str):
fullurl = '%s/qps/rest/3.0/get/was/webapp/%s' % (api.server, webappid)
resp = api.makeCall(method='GET', url=fullurl)
return resp
def createOptionProfileFromXML(api: QualysAPI.QualysAPI, profilexml: ET.Element):
fullurl = '%s/qps/rest/3.0/create/was/optionprofile' % api.server
payload = ET.tostring(profilexml, method='xml', encoding='utf-8').decode()
resp = api.makeCall(url=fullurl, payload=payload)
return resp
def searchDNSOverride(api: QualysAPI.QualysAPI, recordid: str = None, recordname: str = None,
tagid: str = None, tagname: str = None,
createddate: str = None, updateddate: str = None,
ownerid: str = None, ownername: str = None, owneruser: str = None):
fullurl = '%s/qps/rest/3.0/search/was/dnsoverride/' % api.server
sr = ET.Element('ServiceRequest')
filters = ET.SubElement(sr, 'filters')
if recordid is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'id')
criteria.set('operator', 'IN')
criteria.text = recordid
if recordname is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'name')
criteria.set('operator', 'CONTAINS')
criteria.text = recordname
if tagid is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'tags.id')
criteria.set('operator', 'IN')
criteria.text = tagid
if tagname is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'tags.name')
criteria.set('operator', 'CONTAINS')
criteria.text = tagname
if createddate is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'createDate')
criteria.set('operator', 'GREATER')
criteria.text = createddate
if updateddate is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'updatedDate')
criteria.set('operator', 'GREATER')
criteria.text = updateddate
if ownerid is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'owner.id')
criteria.set('operator', 'EQUALS')
criteria.text = ownerid
if ownername is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'owner.name')
criteria.set('operator', 'CONTAINS')
criteria.text = ownername
if owneruser is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'owner.username')
criteria.set('operator', 'CONTAINS')
criteria.text = owneruser
if len(filters) > 0:
payload = ET.tostring(sr, method='xml', encoding='utf-8').decode()
else:
payload = ""
resp = api.makeCall(url=fullurl, payload=payload)
return resp
def createUser(target_api: QualysAPI.QualysAPI, payload: dict):
url = '%s/msp/user.php' % target_api.server
payload['action'] = 'add'
resp = target_api.makeCall(url=url, payload=payload)
return responseHandler(resp)
def get_configuration_profile(source_api: QualysAPI, id: str):
url = '%s/qps/rest/1.0/get/ca/agentconfig/%s' % (source_api.server, id)
resp = source_api.makeCall(url=url, method='GET')
return resp
def searchAuthRecord(api: QualysAPI.QualysAPI, recordid: str = None, recordname: str = None,
tagids: str = None, tagname: str = None,
createdate: str = None, updateddate: str = None,
lastscandate: str = None, lastscanauthstatus: str = None,
isused: bool = None, contents: str = None):
fullurl = '%s/qps/rest/3.0/search/was/webappauthrecord' % api.server
sr = ET.Element('ServiceRequest')
filters = ET.SubElement(sr, 'filters')
if recordid is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'id')
criteria.set('operator', 'IN')
criteria.text = recordid
if recordname is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'name')
criteria.set('operator', 'CONTAINS')
criteria.text = recordname
if tagids is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'tags.id')
criteria.set('operator', 'IN')
criteria.text = tagids
if tagname is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'tags.name')
criteria.set('operator', 'CONTAINS')
criteria.text = tagname
if createdate is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'createdDate')
criteria.set('operator', 'GREATER')
criteria.text = createdate
if updateddate is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'updatedDate')
criteria.set('operator', 'GREATER')
criteria.text = updateddate
if lastscandate is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'lastScan.date')
criteria.set('operator', 'GREATER')
criteria.text = lastscandate
if lastscanauthstatus is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'lastScan.authStatus')
criteria.set('operator', 'IN')
criteria.text = lastscanauthstatus
if isused is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'isUsed')
criteria.set('operator', 'EQUALS')
criteria.text = str(isused).lower()
if contents is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'id')
criteria.set('operator', 'IN')
criteria.text = contents
if len(filters) > 0:
payload = ET.tostring(sr, method='xml', encoding='utf-8').decode()
else:
payload = ''
resp = api.makeCall(url=fullurl, payload=payload)
return resp
def createVirtualHost(target_api: QualysAPI.QualysAPI, url: str):
fullurl = '%s%s' % (target_api.server, url)
resp = target_api.makeCall(url=fullurl)
if not responseHandler(resp):
return None
return resp
def searchWebApplication(api: QualysAPI.QualysAPI, webappid: str = None, name: str = None, url: str = None,
tagname: str = None, tagid: int = None, createddate: str = None, updateddate: str = None,
isscheduled: bool = None, isscanned: bool = None, lastscanstatus: str = None):
sr = ET.Element('ServiceRequest')
filters = ET.Element('filters')
if webappid is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'id')
criteria.set('operator', 'IN')
criteria.text = webappid
if name is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'name')
criteria.set('operator', 'CONTAINS')
criteria.text = name
if url is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'url')
criteria.set('operator', 'CONTAINS')
criteria.text = url
if tagname is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'tags.name')
criteria.set('operator', 'CONTAINS')
criteria.text = tagname
if tagid is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'tags.id')
criteria.set('operator', 'CONTAINS')
criteria.text = str(tagid)
if createddate is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'createdDate')
criteria.set('operator', 'GREATER')
criteria.text = createddate
if updateddate is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'updatedDate')
criteria.set('operator', 'GREATER')
criteria.text = updateddate
if isscheduled is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'isScheduled')
criteria.set('operator', 'CONTAINS')
criteria.text = str(isscheduled)
if isscanned is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'isScanned')
criteria.set('operator', 'CONTAINS')
criteria.text = str(isscanned)
if lastscanstatus is not None:
if lastscanstatus in ['SUBMITTED', 'RUNNING', 'FINISHED', 'TIME_LIMIT_EXCEEDED', 'SCAN_NOT_LAUNCHED',
'SCANNER_NOT_AVAILABLE', 'ERROR', 'CANCELED']:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'lastScan.status')
criteria.set('operator', 'IN')
criteria.text = lastscanstatus
if len(filters) > 0:
sr.append(filters)
prefs = ET.SubElement(sr, 'preferences')
verbose = ET.SubElement(prefs, 'verbose')
verbose.text = 'true'
payload = ET.tostring(sr, method='xml', encoding='utf-8').decode()
url = '%s/qps/rest/3.0/search/was/webapp' % api.server
resp = api.makeCall(url=url, payload=payload)
return resp
def createScanReport(api: QualysAPI.QualysAPI, reportname: str, targetscans: str, filtersearchlistids: str = None,
filterurls: str = None, filterstatus: str = None, filtershowpatched: str = 'SHOW_BOTH',
filterignoredreasons: str = None, displaycontents: str = None, displaygraphs: str = None,
displaygroups: str = None, rawlevels: str = None, filtersshowignored: bool = None,
reportformat: str = None, templateid: int = None):
fullurl = '%s/qps/rest/3.0/create/was/report' % api.server
sr = createBaseReport(reporttype='WAS_SCAN_REPORT',
reportname=reportname, reportformat=reportformat, templateid=templateid)
report = sr.find('ServiceRequest/data/Report')
config = ET.SubElement(report, 'config')
scanrpt = ET.SubElement(config, 'scanReport')
tgt = ET.SubElement(scanrpt, 'target')
scans = ET.SubElement(tgt, 'WasScan')
idxml = ET.SubElement(scans, 'id')
idxml.text = targetscans
if displaycontents is not None and displaygraphs is not None and displaygroups is not None and rawlevels is not None:
display = ET.SubElement(scanrpt, 'display')
contents = ET.SubElement(display, 'contents')
for content in displaycontents.split(','):
contentxml = ET.SubElement(contents, 'ScanReportContent')
contentxml.text = content
graphs = ET.SubElement(display, 'graphs')
for graph in displaygraphs.split(','):
graphxml = ET.SubElement(graphs, 'ScanReportGraph')
graphxml.text = graph
groups = ET.SubElement(display, 'groups')
for group in displaygroups.split(','):
groupxml = ET.SubElement(groups, 'ScanReportGroup')
groupxml.text = group
if rawlevels is not None:
options = ET.SubElement(display, 'options')
rawlevelsxml = ET.SubElement(options, 'rawLevels')
rawlevelsxml.text = rawlevels
if (filtershowpatched is not None) or \
(filterurls is not None) or \
(filterstatus is not None) or \
(filtersshowignored is not None) or \
(filtersearchlistids is not None) or \
(filterignoredreasons is not None):
filters = ET.SubElement(report, 'filters')
if filtershowpatched is not None:
showpatched = ET.SubElement(filters, 'showPatched')
showpatched.text = filtershowpatched
if filtersearchlistids is not None:
searchlists = ET.SubElement(filters, 'searchlists')
for searchlist in filtersearchlistids.split(','):
slxml = ET.SubElement(searchlists, 'SearchList')
idxml = ET.SubElement(slxml, 'id')
idxml.text = searchlist.strip()
if filterstatus is not None:
statuses = ET.SubElement(filters, 'status')
for status in filterstatus.split(','):
statusxml = ET.SubElement(statuses, 'ScanFindingStatus')
statusxml.text = status.strip()
if filterurls is not None:
for url in filterurls.split(','):
urlxml = ET.SubElement(filters, 'url')
urlxml.text = url.strip()
if filtersshowignored is not None or filterignoredreasons is not None:
remediation = ET.SubElement(filters, 'remediation')
if filtersshowignored is not None:
showignored = ET.SubElement(remediation, 'showIgnored')
showignored.text = str(filtersshowignored).lower()
if filterignoredreasons is not None:
ignoredreasons = ET.SubElement(remediation, 'ignoredReasons')
for reason in filterignoredreasons.split(','):
ignoredreason = ET.SubElement(ignoredreasons, 'IgnoredReason')
ignoredreason.text = reason
payload = ET.tostring(sr, method='xml', encoding='utf-8').decode()
resp = api.makeCall(url=fullurl, payload=payload)
return resp
def getSchedule(api: QualysAPI.QualysAPI, id: str):
fullurl = '%s/qps/rest/3.0/get/was/wasscanschedule/%s' % (api.server, id)
resp = api.makeCall(url=fullurl, method='GET')
return resp
def updateReport(api: QualysAPI.QualysAPI, reportid: int):
fullurl = '%s/qps/rest/3.0/update/was/report/%s' % (api.server, str(reportid))
resp = api.makeCall(url=fullurl, method='GET')
return resp
def searchSchedule(api: QualysAPI.QualysAPI, scheduleid: str = None, name: str = None, ownerid: str = None,
createddate: str = None, updated: str = None, active: bool = None, type: str = None,
webappname: str = None, webappid: str = None, webapptags: str = None, webapptagsid: str = None,
invalid: bool = None, lastScan: bool = None, lastscandate: str = None, lastscanstatus: str = None,
multi: bool = None):
fullurl = '%s/qps/rest/3.0/search/was/wasscanschedule' % api.server
sr = ET.Element('ServiceRequest')
filters = ET.Element('filters')
if scheduleid is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'id')
criteria.set('operator', 'IN')
criteria.text = scheduleid
if name is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'name')
criteria.set('operator', 'CONTAINS')
criteria.text = name
if ownerid is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'owner.id')
criteria.set('operator', 'IN')
criteria.text = ownerid
if createddate is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'createdDate')
criteria.set('operator', 'GREATER')
criteria.text = createddate
if updated is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'updatedDate')
criteria.set('operator', 'GREATER')
criteria.text = updated
if active is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'active')
criteria.set('operator', 'EQUALS')
criteria.text = str(active)
if type is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'type')
criteria.set('operator', 'IN')
criteria.text = type
if webappname is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'webApp.name')
criteria.set('operator', 'CONTAINS')
criteria.text = webappname
if webappid is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'webApp.id')
criteria.set('operator', 'IN')
criteria.text = webappid
if webapptags is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'webApp.tags')
criteria.set('operator', 'NONE')
criteria.text = webapptags
if webapptagsid is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'webApp.tags.id')
criteria.set('operator', 'IN')
criteria.text = id
if invalid is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'invalid')
criteria.set('operator', 'EQUALS')
criteria.text = str(invalid)
if lastScan is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'lastScan')
criteria.set('operator', 'NONE')
criteria.text = str(lastScan)
if lastscandate is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'lastScan.launchedDate')
criteria.set('operator', 'GREATER')
criteria.text = lastscandate
if lastscanstatus is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'lastScan.status')
criteria.set('operator', 'IN')
criteria.text = lastscanstatus
if multi is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'multi')
criteria.set('operator', 'EQUALS')
criteria.text = str(multi)
if len(filters) > 0:
sr.append(filters)
payload = ET.tostring(sr, method='xml', encoding='utf-8').decode()
resp = api.makeCall(url=fullurl, payload=payload)
return resp
def getAuthRecord(api: QualysAPI.QualysAPI, recordid: int):
fullurl = '%s/qps/rest/3.0/get/was/webappauthrecord/%s' % (api.server, str(recordid))
resp = api.makeCall(url=fullurl)
return resp
def updateWebAppFromXML(api: QualysAPI.QualysAPI, payloadxml: ET.Element, webappid: int):
fullurl = '%s/qps/rest/3.0/update/was/webapp/%s' % (api.server, str(webappid))
payload = ET.tostring(payloadxml, method='xml', encoding='utf-8').decode()
resp = api.makeCall(url=fullurl, method='POST', payload=payload)
return resp
def getDNSOverride(api: QualysAPI.QualysAPI, recordid: int):
fullurl = '%s/qps/rest/3.0/get/was/dnsoverride/%s' % (api.server, str(recordid))
resp = api.makeCall(url=fullurl)
return resp
def createScorecardReport(api: QualysAPI.QualysAPI, reportname: str, webappids: str = None,
inctagids: str = None, inctagopts: str = None,
exctagids: str = None, exctagopts: str = None,
searchlistids: str = None, scanstatus: str = None, authstatus: str = None,
reportformat: str = None,
scandatestart: str = None, scandateend: str = None,
displaycontents: str = None, displaygraphs: str = None, displaygroups: str = None,
displayoptions: str = None):
fullurl = '%s/qps/rest/3.0/create/was/report' % api.server
sr = createBaseReport(reporttype='WAS_SCORECARD_REPORT',
reportname=reportname, reportformat=reportformat)
report = sr.find('ServiceRequest/data/Report')
config = ET.SubElement(report, 'config')
scorecard = ET.SubElement(config, 'scorecardReport')
tgt = ET.SubElement(scorecard, 'target')
if inctagids is not None and webappids is not None:
print('ERROR: QualysWASProcessor.createScorecardReport failed - specify targets with tags or webapp IDs, '
'not both')
return None
if (scandatestart is not None and scandateend is None) or (scandatestart is None and scandateend is not None):
print('ERROR: QualysWASProcessor.createScorecardReport failed - must specify stand AND end dates')
return None
if webappids is not None:
webapps = ET.SubElement(tgt, 'webapps')
for webappid in webappids.split(','):
webapp = ET.SubElement(webapps, 'WebApp')
idxml = ET.SubElement(webapp, 'id')
idxml.text = webappid.strip()
if inctagids is not None:
tags = ET.SubElement(tgt, 'tags')
included = ET.SubElement(tags, 'included')
includeopt = ET.SubElement(included, 'option')
includeopt.text = inctagopts
taglist = ET.SubElement(included, 'tagList')
for tagid in inctagids.split(','):
tag = ET.SubElement(taglist, 'Tag')
idxml = ET.SubElement(tag, 'id')
idxml.text = tagid
if exctagids is not None:
excluded = ET.SubElement(tags, 'excluded')
excludeopt = ET.SubElement(excluded, 'option')
excludeopt.text = exctagopts
taglist = ET.SubElement(excluded, 'tagList')
for tagid in exctagids.split(','):
tag = ET.SubElement(taglist, 'Tag')
idxml = ET.SubElement(tag, 'id')
idxml.text = tagid
if searchlistids is not None or scandatestart is not None or scanstatus is not None or authstatus is not None:
filters = ET.SubElement(scorecard, 'filters')
if searchlistids is not None:
searchlists = ET.SubElement(filters, 'searchlists')
for searchlist in searchlistids.split(','):
slistxml = ET.SubElement(searchlists, 'SearchList')
idxml = ET.SubElement(slistxml, 'id')
idxml.text = searchlist.strip()
if scandatestart is not None:
scandate = ET.SubElement(filters, 'scanDate')
start = ET.SubElement(scandate, 'startDate')
start.text = scandatestart
end = ET.SubElement(scandate, 'endDate')
end.text = scandateend
if scanstatus is not None:
scanstatusxml = ET.SubElement(filters, 'scanStatus')
scanstatusxml.text = scanstatus
if authstatus is not None:
authstatusxml = ET.SubElement(filters, 'scanAuthStatus')
authstatusxml.text = authstatus
if displaycontents is not None or displayoptions is not None or displaygroups is not None or \
displaygraphs is not None:
display = ET.SubElement(scorecard, 'display')
if displaycontents is not None:
contents = ET.SubElement(display, 'contents')
for content in displaycontents.split(','):
contentxml = ET.SubElement(contents, 'ScorecardReportContent')
contentxml.text = content.strip()
if displayoptions is not None:
options = ET.SubElement(display, 'options')
rawlevels = ET.SubElement(options, 'rawLevels')
rawlevels.text = displayoptions
if displaygroups is not None:
groups = ET.SubElement(display, 'groups')
for group in displaygroups.split(','):
groupxml = ET.SubElement(groups, 'scorecardReportGroup')
groupxml.text = group.strip()
if displaygraphs is not None:
graphs = ET.SubElement(display, 'graphs')
for graph in displaygraphs.split(','):
graphxml = ET.SubElement(graphs, 'ScorecardReportGraph')
graphxml.text = graph.strip()
payload = ET.tostring(sr, method='xml', encoding='utf-8').decode()
resp = api.makeCall(url=fullurl, payload=payload)
return resp
def createWebApp(api: QualysAPI.QualysAPI, payloadxml: ET.Element):
fullurl = '%s/qps/rest/3.0/create/was/webapp' % api.server
payload = ET.tostring(payloadxml, method='xml', encoding='utf-8').decode()
resp = api.makeCall(url=fullurl, method='POST', payload=payload)
return resp
def createCatalogReport(api: QualysAPI.QualysAPI, reportname: str, reportformat: str = None,
filters_url: str = None, filters_ip: str = None,
filters_os: str = None, filters_status: str = None,
scandate_start: str = None, scandate_end: str = None,
display_contents: str = None, display_graphs: str = None, display_groups: str = None,
display_options: str = None):
fullurl = '%s/qps/rest/3.0/create/was/report' % api.server
sr = createBaseReport(reporttype='WAS_CATALOG_REPORT',
reportname=reportname, reportformat=reportformat)
report = sr.find('ServiceRequest/data/Report')
config = ET.SubElement(report, 'config')
catalog = ET.SubElement(config, 'catalogReport')
if scandate_start is not None and scandate_end is None or scandate_start is None and scandate_end is not None:
print('ERROR: QualysWASProcessor.createCatalogReport failed - Start Date and End Date must be specified '
'together')
return None
if display_contents is not None or display_options is not None or display_groups is not None or \
display_graphs is not None:
display = ET.SubElement(catalog, 'display')
if display_contents is not None:
contents = ET.SubElement(display, 'contents')
for content in display_contents.split(','):
contentxml = ET.SubElement(contents, 'CatalogReportContent')
contentxml.text = content.strip()
if display_options is not None:
options = ET.SubElement(display, 'options')
rawlevels = ET.SubElement(options, 'rawLevels')
rawlevels.text = display_options
if display_groups is not None:
groups = ET.SubElement(display, 'groups')
for group in display_groups.split(','):
groupxml = ET.SubElement(groups, 'CatalogReportContent')
groupxml.text = group.strip()
if display_graphs is not None:
graphs = ET.SubElement(display, 'graphs')
for graph in display_graphs.split(','):
graphxml = ET.SubElement(graphs, 'CatalogReportContent')
graphxml.text = graph
if scandate_start is not None or filters_status is not None or filters_url is not None or filters_ip is not None \
or filters_os is not None:
filters = ET.SubElement(catalog, 'filters')
if scandate_start is not None:
scandate = ET.SubElement(filters, 'scanDate')
start = ET.SubElement(scandate, 'startDate')
start.text = scandate_start
end = ET.SubElement(scandate, 'endDate')
end.text = scandate_end
if filters_status is not None:
status = ET.SubElement(filters, 'status')
for entrystatus in filters_status.split(','):
statusxml = ET.SubElement(status, 'EntryStatus')
statusxml.text = filters_status.strip()
if filters_url is not None:
for url in filters_url.split(','):
urlxml = ET.SubElement(filters, 'url')
urlxml.text = url.strip()
if filters_ip is not None:
for ip in filters_ip.split(','):
ipxml = ET.SubElement(filters, 'ip')
ipxml.text = ip.strip()
if filters_os is not None:
for os in filters_os.split(','):
osxml = ET.SubElement(filters, 'os')
osxml.text = os
payload = ET.tostring(sr, method='xml', encoding='utf-8').decode()
resp = api.makeCall(url=fullurl, payload=payload)
return resp
def createAssetGroup(target_api: QualysAPI.QualysAPI, url: str, payload: dict):
fullurl = '%s%s' % (target_api.server, url)
resp = target_api.makeCall(url=fullurl, payload=payload)
return resp
def searchOptionProfiles(api: QualysAPI.QualysAPI, profileid: str = None, profilename: str = None,
tagname: str = None, tagid: int = None,
createddate: str = None, updateddate: str = None,
usedbywebapps: bool = None, usedbyschedules: bool = None,
ownername: str = None, owneruser: str = None):
fullurl = '%s/qps/rest/3.0/search/was/optionprofile' % api.server
sr = ET.Element('ServiceRequest')
filters = ET.SubElement(sr, 'filters')
if profileid is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'id')
criteria.set('operator', 'EQUALS')
criteria.text = profileid
if profilename is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'name')
criteria.set('operator', 'EQUALS')
criteria.text = profilename
if tagname is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'tags.name')
criteria.set('operator', 'EQUALS')
criteria.text = tagname
if tagid is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'tags.id')
criteria.set('operator', 'EQUALS')
criteria.text = tagid
if createddate is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'createdDate')
criteria.set('operator', 'GREATER')
criteria.text = createddate
if updateddate is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'updatedDate')
criteria.set('operator', 'GREATER')
criteria.text = updateddate
if usedbywebapps is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'usedByWebApps')
criteria.set('operator', 'EQUALS')
criteria.text = str(usedbywebapps).lower()
if usedbyschedules is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'usedBySchedules')
criteria.set('operator', 'EQUALS')
criteria.text = str(usedbyschedules).lower()
if ownername is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'owner.name')
criteria.set('operator', 'CONTAINS')
criteria.text = ownername
if owneruser is not None:
criteria = ET.SubElement(filters, 'Criteria')
criteria.set('field', 'owner.username')
criteria.set('operator', 'EQUALS')
criteria.text = owneruser
if len(filters) > 0:
payload = ET.tostring(sr, method='xml', encoding='utf-8').decode()
else:
payload = ""
resp = api.makeCall(url=fullurl, payload=payload)
return resp
def createIPTrackedVM(target_api: QualysAPI.QualysAPI, addurl: str,
payload: dict):
fullurl = '%s%s' % (target_api.server, addurl)
resp = target_api.makeCall(url=fullurl, payload=payload)
return resp
def getOptionProfile(api: QualysAPI.QualysAPI, profileid: int):
fullurl = '%s/qps/rest/3.0/get/was/optionprofile/%s' % (api.server, str(profileid))
resp = api.makeCall(url=fullurl, method='GET')
return resp
def getUsers(source_api: QualysAPI.QualysAPI):
fullurl = "%s/msp/user_list.php" % source_api.server
resp = source_api.makeCall(url=fullurl)
return resp.find('USER_LIST')
def createDynamicSearchList(target_api: QualysAPI.QualysAPI,
searchlist: ET.Element,
simulate: bool = False):
searchliststr = ''
# criteria = searchlist.find('CRITERIA')
criteria_map = {
'vuln_title': 'VULNERABILITY_TITLE',
'not_vuln_title': 'VULNERABILITY_TITLE',
'discovery_methods': 'DISCOVERY_METHOD',
'auth_types': 'AUTHENTICATION_TYPE',
'user_configuration': 'USER_CONFIGURATION',
'categories': 'CATEGORY',
'not_categories': 'CATEGORY',
'confirmed_severities': 'CONFIRMED_SEVERITY',
'potential_severities': 'POTENTIAL_SEVERITY',
'ig_severities': 'INFORMATION_SEVERITY',
'products': 'PRODUCT',
'not_products': 'PRODUCT',
'patch_available': 'PATCH_AVAILABLE',
'virtual_patch_available': 'VIRTUAL_PATCH_AVAILABLE',
'cve_ids': 'CVE_ID',
'not_cve_ids': 'CVE_ID',
'exploitability': 'EXPLOITABILITY',
'malware_associated': 'ASSOCIATED_MALWARE',
'vendor_refs': 'VENDOR_REFERENCE',
'not_vendor_refs': 'VENDOR_REFERENCE',
'bugtraq_id': 'BUGTRAQ_ID',
'not_bugtraq_id': 'BUGTRAQ_ID',
'vuln_details': 'VULNERABILITY_DETAILS',
'compliance_details': 'COMPLIANCE_DETAILS',
'supported_modules': 'SUPPORTED_MODULES',
'compliance_types': 'COMPLIANCE_TYPES',
'qualys_top_lists': 'QUALYS_TOP_20',
'cpe': 'CPE',
'qids_not_exploitable': 'OTHER',
'non_running_services': 'OTHER',
'sans_20': 'OTHER',
'nac_nam': 'NETWORK_ACCESS',
'cvss_base': 'CVSS_BASE_SCORE',
'cvss_temp': 'CVSS_TEMPORAL_SCORE',
'cvss_access_vector': 'CVSS_ACCESS_VECTOR',
'cvss_base_operand': 'CVSS_BASE_SCORE_OPERAND',
'cvss_temp_operand': 'CVSS_TEMPORAL_SCORE_OPERAND',
'cvss3_base': 'CVSS3_BASE_SCORE',
'cvss3_temp': 'CVSS3_TEMPORAL_SCORE',
'cvss3_base_operand': 'CVSS3_BASE_SCORE_OPERAND',
'cvss3_temp_operand': 'CVSS3_TEMPORAL_SCORE_OPERAND',
'user_modified': 'USER_MODIFIED',
'published': 'PUBLISHED',
'service_modified': 'SERVICE_MODIFIED'
}
globalsl = '0'
if searchlist.find('GLOBAL').text == 'Yes':
globalsl = '1'
fullurl = '%s/api/2.0/fo/qid/search_list/dynamic/?action=create&title=%s&global=%s&%s' % (
target_api.server, parse.quote(
searchlist.find('TITLE').text), globalsl, searchliststr)
if searchlist.find('COMMENTS') is not None:
fullurl = '%s&comments=%s' % (
fullurl, parse.quote(searchlist.find('COMMENTS').text))
criteria = searchlist.find('CRITERIA')
done_other = False
for param in criteria_map.keys():
if criteria_map[param] == 'OTHER' and criteria.find(
'OTHER') is not None:
if done_other:
continue
fullurl = '%s&%s' % (fullurl,
convertOther(criteria.find('OTHER').text))
done_other = True
continue
if criteria_map[param] == 'USER_MODIFIED' and criteria.find(
'USER_MODIFIED') is not None:
fullurl = '%s&%s' % (fullurl,
convertModifiedFilters(
criteria.find('USER_MODIFIED').text,
'user_modified'))
continue
if criteria_map[param] == 'SERVICE_MODIFIED' and criteria.find(
'SERVICE_MODIFIED') is not None:
fullurl = '%s&%s' % (fullurl,
convertModifiedFilters(
criteria.find('SERVICE_MODIFIED').text,
'service_modified'))
continue
if criteria_map[param] == 'PUBLISHED' and criteria.find(
'PUBLISHED') is not None:
fullurl = '%s&%s' % (fullurl,
convertModifiedFilters(
criteria.find('PUBLISHED').text,
'published'))
continue
if criteria_map[param] == 'DISCOVERY_METHOD':
if criteria.find('DISCOVERY_METHOD').text == 'All':
fullurl = '%s&%s' % (fullurl, 'discovery_methods=ALL')
else:
dm = criteria.find('DISCOVERY_METHOD').text
if dm.find(' and ') >= 0:
dmlist = dm.split(' and ')
dmstr = ','.join(dmlist)
else:
dmstr = dm
fullurl = '%s&%s' % (fullurl, 'discovery_methods=%s' % dmstr)
continue
if criteria_map[param] == 'PATCH_AVAILABLE' and criteria.find(
'PATCH_AVAILABLE') is not None:
if criteria.find('PATCH_AVAILABLE').text == 'Yes':
fullurl = '%s&%s' % (fullurl, 'patch_available=1')
else:
fullurl = '%s&%s' % (fullurl, 'patch_available=0')
continue
if criteria_map[param] == 'VIRTUAL_PATCH_AVAILABLE' and criteria.find(
'VIRTUAL_PATCH_AVAILABLE') is not None:
if criteria.find('VIRTUAL_PATCH_AVAILABLE').text == 'Yes':
fullurl = '%s&%s' % (fullurl, 'virtual_patch_available=1')
else:
fullurl = '%s&%s' % (fullurl, 'virtual_patch_available=0')
continue
if criteria_map[param] == 'QUALYS_TOP_20' and criteria.find(
'QUALYS_TOP_20') is not None:
toplists = []
for toplist in criteria.find('QUALYS_TOP_20').text.split(','):
if toplist == 'Top Internal 10':
toplists.append('Internal_10')
if toplist == 'Top External 10':
toplists.append('External_10')
fullurl = '%s&qualys_top_lists=%s' % (fullurl, ','.join(toplists))
continue
if criteria.find('%s' % criteria_map[param]) is not None:
if param[0:4] == 'not_':
val = '0'
if criteria.find('%s' %
criteria_map[param]).text[0:3] == 'NOT':
val = '1'
fullurl = '%s&%s=%s' % (fullurl, param, val)
else:
if criteria_map[param][0:4] == 'NOT ':
fullurl = '%s&%s=%s' % (
fullurl, param,
parse.quote(
criteria.find(
'%s' % criteria_map[param]).text[4:]))
else:
fullurl = '%s&%s=%s' % (
fullurl, param,
parse.quote(
criteria.find('%s' % criteria_map[param]).text))
if simulate:
print('Request String : %s' % fullurl)
return ''
resp = target_api.makeCall(url=fullurl)
if not responseHandler(resp):
print('QualysSearchListProcessor.createDynamicSearchList failed')
return None
return resp
