Example #1
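def dotransform(request, response):
    """Add Exploit DB exploits for one vulnerability to the Maltego response.

    Reads the Nexpose report for the site named by the request's ``siteid``
    field. For every exploit entry whose key equals the ``vulnid`` field and
    whose type is ``'exploitdb'``, a NexposeEDBExploit entity is appended,
    labelled with its Exploit DB URL and skill level.

    Returns:
        The response object with the matching entities added.

    Raises:
        MaltegoException: if reportChecker does not return True.
    """
    checkdir(config['nexpose/reportdir'])
    # Nexpose API session login
    session = nexlogin()
    try:
        # NOTE(review): siteid is an entity field and ends up in a file name
        # under reportdir; confirm it is restricted to a Nexpose site id (no
        # path separators) before it reaches reportChecker and open().
        siteid = request.fields['siteid']
        report = '%s.xml' % siteid
        # Nexpose ad hoc report generation and save to file.
        # reportChecker's return type is not visible here, so the strict
        # comparison with True is kept.
        if reportChecker(session, siteid, report) != True:
            raise MaltegoException('Something went wrong with the report checks')

        # The with-block guarantees the report file is closed after reading.
        with open(os.path.join(config['nexpose/reportdir'], report)) as f:
            reporto = f.read()

        for dic in nexposeExploits(reporto):
            for key, val in dic.iteritems():
                if key == request.fields['vulnid'] and val[1] == 'exploitdb':
                    e = NexposeEDBExploit(val[0],
                                          exploittype=val[1],
                                          siteid=siteid,
                                          scanid=request.fields['scanid'],
                                          vulnid=key)
                    e += Label('Exploit DB URL', val[2])
                    e += Label('Skill Level', val[3])
                    response += e

        return response
    finally:
        # Release the API session on both the return and the error path.
        nexlogout(session)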
Example #2
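def dotransform(request, response):
    """Add every vulnerability in a site's Nexpose report to the response.

    Reads the report for the site named by the request's ``siteid`` field and
    appends one NexposeVulnerability entity per entry returned by
    nexposeVulns, labelled with its CVSS score and severity.

    Returns:
        The response object with the vulnerability entities added.

    Raises:
        MaltegoException: if reportChecker does not return True.
    """
    checkdir(config['nexpose/reportdir'])
    # Nexpose API session login
    session = nexlogin()
    try:
        # NOTE(review): siteid is an entity field and ends up in a file name
        # under reportdir; confirm it is restricted to a Nexpose site id (no
        # path separators) before it reaches reportChecker and open().
        siteid = request.fields['siteid']
        report = '%s.xml' % siteid
        # Nexpose ad hoc report generation and save to file.
        # reportChecker's return type is not visible here, so the strict
        # comparison with True is kept.
        if reportChecker(session, siteid, report) != True:
            raise MaltegoException('Something went wrong with the report checks')

        # The with-block guarantees the report file is closed after reading.
        with open(os.path.join(config['nexpose/reportdir'], report)) as f:
            reporto = f.read()

        for dic in nexposeVulns(reporto):
            for key, val in dic.iteritems():
                e = NexposeVulnerability(val[0],
                                         siteid=siteid,
                                         scanid=request.fields['scanid'],
                                         vulnid=key)
                e += Label('cvss Score', val[2])
                e += Label('Severity', val[1])
                response += e

        return response
    finally:
        # Release the API session on both the return and the error path.
        nexlogout(session)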
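def dotransform(request, response):
    """Add Metasploit modules for one vulnerability to the Maltego response.

    Reads the Nexpose report for the site named by the request's ``siteid``
    field. For every exploit entry whose key equals the ``vulnid`` field and
    whose type is ``'metasploit'``, a NexposeMetasploitModule entity is
    appended, labelled with its module URL and skill level.

    Returns:
        The response object with the matching entities added.

    Raises:
        MaltegoException: if reportChecker does not return True.
    """
    checkdir(config['nexpose/reportdir'])
    # Nexpose API session login
    session = nexlogin()
    try:
        # NOTE(review): siteid is an entity field and ends up in a file name
        # under reportdir; confirm it is restricted to a Nexpose site id (no
        # path separators) before it reaches reportChecker and open().
        siteid = request.fields['siteid']
        report = '%s.xml' % siteid
        # Nexpose ad hoc report generation and save to file.
        # reportChecker's return type is not visible here, so the strict
        # comparison with True is kept.
        if reportChecker(session, siteid, report) != True:
            raise MaltegoException('Something went wrong with the report checks')

        # The with-block guarantees the report file is closed after reading.
        with open(os.path.join(config['nexpose/reportdir'], report)) as f:
            reporto = f.read()

        for dic in nexposeExploits(reporto):
            for key, val in dic.iteritems():
                if key == request.fields['vulnid'] and val[1] == 'metasploit':
                    e = NexposeMetasploitModule(val[0],
                                                exploittype=val[1],
                                                siteid=siteid,
                                                scanid=request.fields['scanid'],
                                                vulnid=key)
                    e += Label('Metasploit Module URL', val[2])
                    e += Label('Skill Level', val[3])
                    response += e

        return response
    finally:
        # Release the API session on both the return and the error path.
        nexlogout(session)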
Example #4
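def dotransform(request, response):
    """Create a Nexpose site for the request value, scan it and report it.

    A site named ``<timestamp>-MaltegoSite`` is saved for ``request.value``.
    If the save and the scan launch both answer with ``success="1"``, each
    child element of the launch response is polled every five seconds while
    its status is ``'running'``, then a NexposeSite entity carrying the site
    id, scan id and target is appended.

    Returns:
        The response object; unchanged when the save or the launch fails.
    """
    # Nexpose API session login
    session = nexlogin()
    try:
        # Nexpose site creation
        sitename = datetime.today().strftime("%Y%m%d-%H%M%S") + '-MaltegoSite'
        newsite = host_site(sitename, request.value)
        resxml = ET.fromstring(sitesave(session, newsite))
        siteid = resxml.attrib.get('site-id')
        progress(10)
        if resxml.attrib.get('success') != '1':
            return response

        # Nexpose scan of the new site
        launchres = ET.fromstring(sitescan(session, siteid))
        progress(25)
        if launchres.attrib.get('success') != '1':
            return response

        for child in launchres:
            scanid = child.attrib.get('scan-id')
            statusxml = ET.fromstring(scanstatus(session, scanid))
            progress(50)
            # NOTE(review): polling has no upper bound, and any status other
            # than 'running' is treated as finished; confirm that failed or
            # stopped scans should still produce a site entity.
            while statusxml.attrib.get('status') == 'running':
                sleep(5)
                statusxml = ET.fromstring(scanstatus(session, scanid))
            progress(100)
            response += NexposeSite(sitename,
                                    siteid=siteid,
                                    scanid=scanid,
                                    targetip=request.value)

        return response
    finally:
        # Release the API session on every exit path, including errors.
        nexlogout(session)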
Example #5
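def dotransform(request, response):
    """Add every port in a site's Nexpose report to the Maltego response.

    Reads the report for the site named by the request's ``siteid`` field and
    appends one Port entity per entry returned by nexposePort, carrying the
    entry's protocol and status.

    Returns:
        The response object with the port entities added.

    Raises:
        MaltegoException: if reportChecker does not return True.
    """
    checkdir(config['nexpose/reportdir'])
    # Nexpose API session login
    session = nexlogin()
    try:
        # NOTE(review): siteid is an entity field and ends up in a file name
        # under reportdir; confirm it is restricted to a Nexpose site id (no
        # path separators) before it reaches reportChecker and open().
        siteid = request.fields['siteid']
        report = '%s.xml' % siteid
        # Nexpose ad hoc report generation and save to file.
        # reportChecker's return type is not visible here, so the strict
        # comparison with True is kept.
        if reportChecker(session, siteid, report) != True:
            raise MaltegoException('Something went wrong with the report checks')

        # The with-block guarantees the report file is closed after reading.
        with open(os.path.join(config['nexpose/reportdir'], report)) as f:
            reporto = f.read()

        for dic in nexposePort(reporto):
            for key, val in dic.iteritems():
                response += Port(key,
                                 siteid=siteid,
                                 scanid=request.fields['scanid'],
                                 protocol=val[0],
                                 status=val[1])

        return response
    finally:
        # Release the API session on both the return and the error path.
        nexlogout(session)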
Example #6
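def dotransform(request, response):
    """Create a Nexpose site for the request value, scan it and report it.

    A site named ``<timestamp>-MaltegoSite`` is saved for ``request.value``.
    If the save and the scan launch both answer with ``success="1"``, each
    child element of the launch response is polled every five seconds while
    its status is ``'running'``, then a NexposeSite entity carrying the site
    id, scan id and target is appended.

    Returns:
        The response object; unchanged when the save or the launch fails.
    """
    # Nexpose API session login
    session = nexlogin()
    try:
        # Nexpose site creation
        sitename = datetime.today().strftime("%Y%m%d-%H%M%S") + '-MaltegoSite'
        newsite = host_site(sitename, request.value)
        resxml = ET.fromstring(sitesave(session, newsite))
        siteid = resxml.attrib.get('site-id')
        progress(10)
        if resxml.attrib.get('success') != '1':
            return response

        # Nexpose scan of the new site
        launchres = ET.fromstring(sitescan(session, siteid))
        progress(25)
        if launchres.attrib.get('success') != '1':
            return response

        for child in launchres:
            scanid = child.attrib.get('scan-id')
            statusxml = ET.fromstring(scanstatus(session, scanid))
            progress(50)
            # NOTE(review): polling has no upper bound, and any status other
            # than 'running' is treated as finished; confirm that failed or
            # stopped scans should still produce a site entity.
            while statusxml.attrib.get('status') == 'running':
                sleep(5)
                statusxml = ET.fromstring(scanstatus(session, scanid))
            progress(100)
            response += NexposeSite(
                sitename,
                siteid=siteid,
                scanid=scanid,
                targetip=request.value)

        return response
    finally:
        # Release the API session on every exit path, including errors.
        nexlogout(session)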
Example #7
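def dotransform(request, response):
    """Add the version of one service from a site's Nexpose report.

    Reads the report for the site named by the request's ``siteid`` field.
    For each entry from nexposeServiceVer whose key equals ``request.value``,
    a ServiceVersion entity is appended. Its value is ``val[0]-val[1]`` when
    the entry has two or three items (the third is passed as ``certainty``)
    and ``val[0]`` when it has one; other lengths add nothing.

    Returns:
        The response object with the matching entities added.

    Raises:
        MaltegoException: if reportChecker does not return True.
    """
    checkdir(config['nexpose/reportdir'])
    # Nexpose API session login
    session = nexlogin()
    try:
        # NOTE(review): siteid is an entity field and ends up in a file name
        # under reportdir; confirm it is restricted to a Nexpose site id (no
        # path separators) before it reaches reportChecker and open().
        siteid = request.fields['siteid']
        report = '%s.xml' % siteid
        # Nexpose ad hoc report generation and save to file.
        # reportChecker's return type is not visible here, so the strict
        # comparison with True is kept.
        if reportChecker(session, siteid, report) != True:
            raise MaltegoException('Something went wrong with the report checks')

        # The with-block guarantees the report file is closed after reading.
        with open(os.path.join(config['nexpose/reportdir'], report)) as f:
            reporto = f.read()

        for dic in nexposeServiceVer(reporto):
            for key, val in dic.iteritems():
                if key != request.value:
                    continue
                if len(val) == 3:
                    response += ServiceVersion(val[0] + '-' + val[1],
                                               siteid=siteid,
                                               scanid=request.fields['scanid'],
                                               port=request.fields['port'],
                                               service=request.value,
                                               certainty=val[2])
                elif len(val) == 2:
                    response += ServiceVersion(val[0] + '-' + val[1],
                                               siteid=siteid,
                                               scanid=request.fields['scanid'],
                                               port=request.fields['port'],
                                               service=request.value)
                elif len(val) == 1:
                    response += ServiceVersion(val[0],
                                               siteid=siteid,
                                               scanid=request.fields['scanid'],
                                               port=request.fields['port'],
                                               service=request.value)

        return response
    finally:
        # Release the API session on both the return and the error path.
        nexlogout(session)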
Example #8
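def dotransform(request, response):
    """Add the version of one service from a site's Nexpose report.

    Reads the report for the site named by the request's ``siteid`` field.
    For each entry from nexposeServiceVer whose key equals ``request.value``,
    a ServiceVersion entity is appended. Its value is ``val[0]-val[1]`` when
    the entry has two or three items (the third is passed as ``certainty``)
    and ``val[0]`` when it has one; other lengths add nothing.

    Returns:
        The response object with the matching entities added.

    Raises:
        MaltegoException: if reportChecker does not return True.
    """
    checkdir(config['nexpose/reportdir'])
    # Nexpose API session login
    session = nexlogin()
    try:
        # NOTE(review): siteid is an entity field and ends up in a file name
        # under reportdir; confirm it is restricted to a Nexpose site id (no
        # path separators) before it reaches reportChecker and open().
        siteid = request.fields['siteid']
        report = '%s.xml' % siteid
        # Nexpose ad hoc report generation and save to file.
        # reportChecker's return type is not visible here, so the strict
        # comparison with True is kept.
        if reportChecker(session, siteid, report) != True:
            raise MaltegoException('Something went wrong with the report checks')

        # The with-block guarantees the report file is closed after reading.
        with open(os.path.join(config['nexpose/reportdir'], report)) as f:
            reporto = f.read()

        for dic in nexposeServiceVer(reporto):
            for key, val in dic.iteritems():
                if key != request.value:
                    continue
                if len(val) == 3:
                    response += ServiceVersion(val[0] + '-' + val[1],
                                               siteid=siteid,
                                               scanid=request.fields['scanid'],
                                               port=request.fields['port'],
                                               service=request.value,
                                               certainty=val[2])
                elif len(val) == 2:
                    response += ServiceVersion(val[0] + '-' + val[1],
                                               siteid=siteid,
                                               scanid=request.fields['scanid'],
                                               port=request.fields['port'],
                                               service=request.value)
                elif len(val) == 1:
                    response += ServiceVersion(val[0],
                                               siteid=siteid,
                                               scanid=request.fields['scanid'],
                                               port=request.fields['port'],
                                               service=request.value)

        return response
    finally:
        # Release the API session on both the return and the error path.
        nexlogout(session)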
Example #9
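def dotransform(request, response):
    """Add the vulnerabilities found by the tests run against one port.

    Reads the Nexpose report for the site named by the request's ``siteid``
    field. For the nexposePortTests entry whose key equals ``request.value``,
    every test id is looked up among the entries from nexposeVulns, and each
    match is appended as a NexposeVulnerability entity labelled with its CVSS
    score and severity.

    Returns:
        The response object with the matching entities added.

    Raises:
        MaltegoException: if reportChecker does not return True.
    """
    checkdir(config['nexpose/reportdir'])
    # Nexpose API session login
    session = nexlogin()
    try:
        # NOTE(review): siteid is an entity field and ends up in a file name
        # under reportdir; confirm it is restricted to a Nexpose site id (no
        # path separators) before it reaches reportChecker and open().
        siteid = request.fields['siteid']
        report = '%s.xml' % siteid
        # Nexpose ad hoc report generation and save to file.
        # reportChecker's return type is not visible here, so the strict
        # comparison with True is kept.
        if reportChecker(session, siteid, report) != True:
            raise MaltegoException('Something went wrong with the report checks')

        # The with-block guarantees the report file is closed after reading.
        with open(os.path.join(config['nexpose/reportdir'], report)) as f:
            reporto = f.read()

        for dic in nexposePortTests(reporto):
            for key, val in dic.iteritems():
                if request.value != key:
                    continue
                for test, _ in val.iteritems():
                    # The vulnerability entries are re-read from the report
                    # for each test id; a separate loop variable keeps the
                    # outer `dic` from being rebound.
                    for vulndic in nexposeVulns(reporto):
                        for vulnid, vuln in vulndic.iteritems():
                            if test == vulnid:
                                e = NexposeVulnerability(vuln[0],
                                                         siteid=siteid,
                                                         scanid=request.fields['scanid'],
                                                         vulnid=vulnid)
                                e += Label('cvss Score', vuln[2])
                                e += Label('Severity', vuln[1])
                                response += e

        return response
    finally:
        # Release the API session on both the return and the error path.
        nexlogout(session)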