def dotransform(request, response):
    s = login()
    if s is None:
        return response

    vulns = Report(s, request.entity.uuid, request.value).search(
        ReportFilterQuery(
            ReportFilter(
                'exploit_framework_metasploit',
                'eq',
                'true'
            )
        )
    )

    for k, v in vulns.iteritems():
        e = NessusVulnerability(v.name, weight=v.count)
        e.severity = v.severity
        e.iconurl = icon_resource('logos/metasploit.png')
        e.pluginid = v.id
        e.count = v.count
        e.family = v.family
        e.uuid = v.uuid
        e.server = s.server
        e.port = s.port
        e += Field('metasploit_name', v.hosts[0].details[0].output['metasploit_name'], displayname='Metasploit Name')
        response += e
    return response
def dotransform(request, response):
    from sploitego.msftools.exploit import launch

    s = nessus_login(host=request.entity.server, port=request.entity.port)
    if s is None:
        return response
    m = metasploit_login()
    if m is None:
        return response

    vulns = Report(s, request.entity.uuid, '').vulnerabilities
    for h in vulns[request.entity.pluginid].hosts:
        session = launch(m, {'RPORT': int(h.port), 'RHOST': h.name}, filter_=request.fields.get('metasploit_name'))

        if session != -1:
            e = MetasploitSession('%s:%s' % (h.name, h.port))
            e.sessionid = session
            e.server = m.server
            e.port = m.port
            e.uri = m.uri
            e.iconurl = icon_resource('logos/terminal.png')
            response += e
        break

    return response
Example #3
0
def dotransform(request, response):
    s = login()
    if s is None:
        return response

    vulns = Report(s, request.entity.uuid, request.value).search(
        ReportFilterQuery(
            ReportFilter('exploit_framework_metasploit', 'eq', 'true')))

    for k, v in vulns.iteritems():
        e = NessusVulnerability(v.name, weight=v.count)
        e.severity = v.severity
        e.iconurl = icon_resource('logos/metasploit.png')
        e.pluginid = v.id
        e.count = v.count
        e.family = v.family
        e.uuid = v.uuid
        e.server = s.server
        e.port = s.port
        e += Field('metasploit_name',
                   v.hosts[0].details[0].output['metasploit_name'],
                   displayname='Metasploit Name')
        response += e
    return response