def main(): commandsusage = """Supported commands:\r\n - list:\tlists all scans\r\n - export:\texports the given scan to a given format\r\n - delete:\tdeletes the scan\r\n - stats:\tprint out some statistics of interest\r\n - search:\tsearch for a specific string in the user agent (svmap)\r\n """ commandsusage += "examples:\r\n\r\n" commandsusage += " %s.py list\r\n\r\n" % __prog__ commandsusage += " %s.py export -f pdf -o scan1.pdf -s scan1\r\n\r\n" % __prog__ commandsusage += " %s.py delete -s scan1\r\n\r\n" % __prog__ usage = "%prog [command] [options]\r\n\r\n" usage += commandsusage parser = OptionParser(usage=usage, version="%prog v" + str(__version__) + __GPL__) parser.add_option('-v', '--verbose', dest="verbose", action="count", help="Increase verbosity") parser.add_option('-q', '--quiet', dest="quiet", action="store_true", default=False, help="Quiet mode") parser.add_option("-t", "--type", dest="sessiontype", help="Type of session. This is usually either svmap, svwar or svcrack. If not set I will try to find the best match") parser.add_option("-s", "--session", dest="session", help="Name of the session") parser.add_option("-f", "--format", dest="format", help="Format type. Can be stdout, pdf, xml, csv or txt") parser.add_option("-o", "--output", dest="outputfile", help="Output filename") parser.add_option("-n", dest="resolve", default=True, action="store_false", help="Do not resolve the ip address") parser.add_option("-c", "--count", dest="count", default=False, action="store_true", help="Used togather with 'list' command to count the number of entries") (options, args) = parser.parse_args() if len(args) < 1: parser.error("Please specify a command.\r\n") exit(1) command = args[0] from libs.svhelper import listsessions, deletesessions, createReverseLookup, dbexists from libs.svhelper import getsessionpath, getasciitable, outputtoxml, outputtopdf, calcloglevel validcommands = ['list', 'export', 'delete', 'stats', 'search'] if command not in validcommands: parser.error('%s is not a supported command' % command) exit(1) logging.basicConfig(level=calcloglevel(options)) sessiontypes = ['svmap', 'svwar', 'svcrack'] logging.debug('started logging') if command == 'list': listsessions(options.sessiontype, count=options.count) if command == 'delete': if options.session is None: parser.error("Please specify a valid session.") exit(1) sessionpath = deletesessions(options.session, options.sessiontype) if sessionpath is None: parser.error( 'Session could not be found. Make sure it exists by making use of %s.py list' % __prog__) exit(1) elif command == 'export': from datetime import datetime start_time = datetime.now() if options.session is None: parser.error("Please specify a valid session") exit(1) if options.outputfile is None and options.format not in [None, 'stdout']: parser.error("Please specify an output file") exit(1) tmp = getsessionpath(options.session, options.sessiontype) if tmp is None: parser.error( 'Session could not be found. Make sure it exists by making use of %s list' % __prog__) exit(1) sessionpath, sessiontype = tmp resolve = False resdb = None if sessiontype == 'svmap': dbloc = os.path.join(sessionpath, 'resultua') labels = ['Host', 'User Agent'] elif sessiontype == 'svwar': dbloc = os.path.join(sessionpath, 'resultauth') labels = ['Extension', 'Authentication'] elif sessiontype == 'svcrack': dbloc = os.path.join(sessionpath, 'resultpasswd') labels = ['Extension', 'Password'] if not dbexists(dbloc): logging.error('The database could not be found: %s' % dbloc) exit(1) db = anydbm.open(dbloc, 'r') if options.resolve and sessiontype == 'svmap': resolve = True labels.append('Resolved') resdbloc = os.path.join(sessionpath, 'resolved') if not dbexists(resdbloc): logging.info('Performing DNS reverse lookup') resdb = anydbm.open(resdbloc, 'c') createReverseLookup(db, resdb) else: logging.info('Not Performing DNS lookup') resdb = anydbm.open(resdbloc, 'r') if options.outputfile is not None: if options.outputfile.find('.') < 0: if options.format is None: options.format = 'txt' options.outputfile += '.%s' % options.format if options.format in [None, 'stdout', 'txt']: o = getasciitable(labels, db, resdb) if options.outputfile is None: print o else: open(options.outputfile, 'w').write(o) elif options.format == 'xml': from xml.dom.minidom import Document doc = Document() node = doc.createElement(sessiontype) o = outputtoxml('%s report' % sessiontype, labels, db, resdb) open(options.outputfile, 'w').write(o) elif options.format == 'pdf': outputtopdf(options.outputfile, '%s report' % sessiontype, labels, db, resdb) elif options.format == 'csv': import csv writer = csv.writer(open(options.outputfile, "w")) for k in db.keys(): row = [k, db[k]] if resdb is not None: if resdb.has_key(k): row.append(resdb[k]) else: row.append('N/A') writer.writerow(row) logging.info("That took %s" % (datetime.now() - start_time)) elif command == 'stats': from operator import itemgetter import re if options.session is None: parser.error("Please specify a valid session") exit(1) if options.outputfile is None and options.format not in [None, 'stdout']: parser.error("Please specify an output file") exit(1) tmp = getsessionpath(options.session, options.sessiontype) if tmp is None: parser.error( 'Session could not be found. Make sure it exists by making use of %s list' % __prog__) exit(1) sessionpath, sessiontype = tmp if sessiontype != 'svmap': parser.error('Only takes svmap sessions for now') exit(1) dbloc = os.path.join(sessionpath, 'resultua') if not dbexists(dbloc): logging.error('The database could not be found: %s' % dbloc) exit(1) db = anydbm.open(dbloc, 'r') useragents = dict() useragentconames = dict() for k in db.keys(): v = db[k] if not useragents.has_key(v): useragents[v] = 0 useragents[v] += 1 useragentconame = re.split('[ /]', v)[0] if not useragentconames.has_key(useragentconame): useragentconames[useragentconame] = 0 useragentconames[useragentconame] += 1 _useragents = sorted(useragents.iteritems(), key=itemgetter(1), reverse=True) suseragents = map(lambda x: '\t- %s (%s)' % (x[0], x[1]), _useragents) _useragentsnames = sorted( useragentconames.iteritems(), key=itemgetter(1), reverse=True) suseragentsnames = map(lambda x: '\t- %s (%s)' % (x[0], x[1]), _useragentsnames) print "Total number of SIP devices found: %s" % len(db.keys()) print "Total number of useragents: %s\r\n" % len(suseragents) print "Total number of useragent names: %s\r\n" % len(suseragentsnames) print "Most popular top 30 useragents:\r\n" print '\r\n'.join(suseragents[:30]) print '\r\n\r\n' print "Most unpopular top 30 useragents:\r\n\t" print '\r\n'.join(suseragents[-30:]) print "\r\n\r\n" print "Most popular top 30 useragent names:\r\n" print '\r\n'.join(suseragentsnames[:30]) print '\r\n\r\n' print "Most unpopular top 30 useragent names:\r\n\t" print '\r\n'.join(suseragentsnames[-30:]) print "\r\n\r\n" elif command == 'search': if options.session is None: parser.error("Please specify a valid session") exit(1) if len(args) < 2: parser.error('You need to specify a search string') searchstring = args[1] tmp = getsessionpath(options.session, options.sessiontype) if tmp is None: parser.error( 'Session could not be found. Make sure it exists by making use of %s list' % __prog__) exit(1) sessionpath, sessiontype = tmp if sessiontype != 'svmap': parser.error('Only takes svmap sessions for now') exit(1) dbloc = os.path.join(sessionpath, 'resultua') if not dbexists(dbloc): logging.error('The database could not be found: %s' % dbloc) exit(1) db = anydbm.open(dbloc, 'r') useragents = dict() useragentconames = dict() labels = ['Host', 'User Agent'] for k in db.keys(): v = db[k] if searchstring.lower() in v.lower(): print k + '\t' + v
def main(self): #Here is the main function of the class. #Note that it's just a name unlike java... #See below for the entry point of the program. commandsusage = """Supported commands:\r\n - list:\tlists all scans\r\n - export:\texports the given scan to a given format\r\n - delete:\tdeletes the scan\r\n - stats:\tprint out some statistics of interest\r\n - search:\tsearch for a specific string in the user agent (svmap)\r\n """ commandsusage += "examples:\r\n\r\n" commandsusage += " %s.py list\r\n\r\n" % __prog__ commandsusage += " %s.py svreport export -f pdf -o scan1.pdf -s scan1\r\n\r\n" % __prog__ commandsusage += " %s.py svreport delete -s scan1\r\n\r\n" % __prog__ usage = "%prog [command] [options]\r\n\r\n" usage += commandsusage # Parse arguments. # The OptionParser constructor has no required arguments, but a number of optional keyword arguments. # You should always pass them as keyword arguments, i.e. do not rely on the order in which the arguments are declared. # More about this method of parsing, see there http://docs.python.org/2/library/optparse.html#optparse.OptionParser parser = OptionParser(usage=usage,version="%prog v"+str(__version__)) parser.add_option('-v', '--verbose', dest="verbose", action="count", help="Increase verbosity") parser.add_option('-q', '--quiet', dest="quiet", action="store_true", default=False, help="Quiet mode") parser.add_option("-t", "--type", dest="sessiontype", help="Type of session. This is usually either svmap, svwar or svcrack. If not set I will try to find the best match") parser.add_option("-s", "--session", dest="session", help="Name of the session") parser.add_option("-f", "--format", dest="format", help="Format type. Can be stdout, pdf, xml, csv or txt") parser.add_option("-o", "--output", dest="outputfile", help="Output filename") parser.add_option("-n", dest="resolve", default=True, action="store_false", help="Do not resolve the ip address") parser.add_option("-c", "--count", dest="count", default=False, action="store_true", help="Used togather with 'list' command to count the number of entries") (options,args) = parser.parse_args() # Check that there is no empty arg. if len(args) <= 1: parser.error("Please specify a command.\r\n") exit(1) command = args[1] # Import additional modules from libs.svhelper import listsessions,deletesessions,createReverseLookup, dbexists from libs.svhelper import getsessionpath,getasciitable,outputtoxml,outputtopdf, calcloglevel # Create list of valid commands that can use validcommands = ['list','export','delete','stats','search'] if command not in validcommands: parser.error('%s is not a supported command' % command) exit(1) # Does basic configuration for the logging system by creating a StreamHandler with a default # Formatter and adding it to the root logger. The functions debug(), info(), warning(), error() and # critical() will call basicConfig() automatically if no handlers are defined for the root logger. logging.basicConfig(level=calcloglevel(options)) sessiontypes = ['svmap','svwar','svcrack'] logging.debug('started logging') if command == 'list': # Get current sessions. If they are listsessions(options.sessiontype,count=options.count) if command == 'delete': if options.session is None: parser.error("Please specify a valid session.") exit(1) sessionpath = deletesessions(options.session,options.sessiontype) if sessionpath is None: parser.error('Session could not be found. Make sure it exists by making use of %s.py list' % __prog__) exit(1) elif command == 'export': start_time = datetime.now() if options.session is None: parser.error("Please specify a valid session") exit(1) if options.outputfile is None and options.format not in [None,'stdout']: parser.error("Please specify an output file") exit(1) tmp = getsessionpath(options.session,options.sessiontype) if tmp is None: parser.error('Session could not be found. Make sure it exists by making use of %s list' % __prog__) exit(1) sessionpath,sessiontype = tmp resolve = False resdb = None if sessiontype == 'svmap': dbloc = os.path.join(sessionpath,'resultua') labels = ['Host','User Agent'] elif sessiontype == 'svwar': dbloc = os.path.join(sessionpath,'resultauth') labels = ['Extension','Authentication'] elif sessiontype == 'svcrack': dbloc = os.path.join(sessionpath,'resultpasswd') labels = ['Extension','Password'] if not dbexists(dbloc): logging.error('The database could not be found: %s'%dbloc) exit(1) db = anydbm.open(dbloc,'r') if options.resolve and sessiontype == 'svmap': resolve = True labels.append('Resolved') resdbloc = os.path.join(sessionpath,'resolved') if not dbexists(resdbloc): logging.info('Performing DNS reverse lookup') resdb = anydbm.open(resdbloc,'c') createReverseLookup(db,resdb) else: logging.info('Not Performing DNS lookup') resdb = anydbm.open(resdbloc,'r') if options.outputfile is not None: if options.outputfile.find('.') < 0: if options.format is None: options.format = 'txt' options.outputfile += '.%s' % options.format if options.format in [None,'stdout','txt']: o = getasciitable(labels,db,resdb) if options.outputfile is None: print o else: open(options.outputfile,'w').write(o) elif options.format == 'xml': doc = Document() node = doc.createElement(sessiontype) o = outputtoxml('%s report' % sessiontype,labels,db,resdb) open(options.outputfile,'w').write(o) elif options.format == 'pdf': outputtopdf(options.outputfile,'%s report' % sessiontype,labels,db,resdb) elif options.format == 'csv': import csv writer = csv.writer(open(options.outputfile,"w")) for k in db.keys(): row = [k,db[k]] if resdb is not None: if resdb.has_key(k): row.append(resdb[k]) else: row.append('N/A') writer.writerow(row) logging.info( "That took %s" % (datetime.now() - start_time)) elif command == 'stats': from operator import itemgetter import re if options.session is None: parser.error("Please specify a valid session") exit(1) if options.outputfile is None and options.format not in [None,'stdout']: parser.error("Please specify an output file") exit(1) tmp = getsessionpath(options.session,options.sessiontype) if tmp is None: parser.error('Session could not be found. Make sure it exists by making use of %s list' % __prog__) exit(1) sessionpath,sessiontype = tmp if sessiontype != 'svmap': parser.error('Only takes svmap sessions for now') exit(1) dbloc = os.path.join(sessionpath,'resultua') if not dbexists(dbloc): logging.error('The database could not be found: %s'%dbloc) exit(1) db = anydbm.open(dbloc,'r') useragents = dict() useragentconames = dict() for k in db.keys(): v = db[k] if not useragents.has_key(v): useragents[v] = 0 useragents[v]+=1 useragentconame = re.split('[ /]',v)[0] if not useragentconames.has_key(useragentconame): useragentconames[useragentconame] = 0 useragentconames[useragentconame] += 1 _useragents = sorted(useragents.iteritems(), key=itemgetter(1), reverse=True) suseragents = map(lambda x: '\t- %s (%s)' % (x[0],x[1]), _useragents) _useragentsnames = sorted(useragentconames.iteritems(), key=itemgetter(1), reverse=True) suseragentsnames = map(lambda x: '\t- %s (%s)' % (x[0],x[1]), _useragentsnames) print "Total number of SIP devices found: %s" % len(db.keys()) print "Total number of useragents: %s\r\n" % len(suseragents) print "Total number of useragent names: %s\r\n" % len(suseragentsnames) print "Most popular top 30 useragents:\r\n" print '\r\n'.join(suseragents[:30]) print '\r\n\r\n' print "Most unpopular top 30 useragents:\r\n\t" print '\r\n'.join(suseragents[-30:]) print "\r\n\r\n" print "Most popular top 30 useragent names:\r\n" print '\r\n'.join(suseragentsnames[:30]) print '\r\n\r\n' print "Most unpopular top 30 useragent names:\r\n\t" print '\r\n'.join(suseragentsnames[-30:]) print "\r\n\r\n" elif command == 'search': if options.session is None: parser.error("Please specify a valid session") exit(1) if len(args) < 2: parser.error('You need to specify a search string') searchstring = args[1] tmp = getsessionpath(options.session,options.sessiontype) if tmp is None: parser.error('Session could not be found. Make sure it exists by making use of %s list' % __prog__) exit(1) sessionpath,sessiontype = tmp if sessiontype != 'svmap': parser.error('Only takes svmap sessions for now') exit(1) dbloc = os.path.join(sessionpath,'resultua') if not dbexists(dbloc): logging.error('The database could not be found: %s'%dbloc) exit(1) db = anydbm.open(dbloc,'r') useragents = dict() useragentconames = dict() labels = ['Host','User Agent'] for k in db.keys(): v = db[k] if searchstring.lower() in v.lower(): print k+'\t'+v
(options, args) = parser.parse_args() if len(args) < 1: parser.error("Please specify a command.\r\n") exit(1) command = args[0] from libs.svhelper import listsessions, deletesessions, createReverseLookup, dbexists from libs.svhelper import getsessionpath, getasciitable, outputtoxml, outputtopdf, calcloglevel validcommands = ['list', 'export', 'delete', 'stats', 'search'] if command not in validcommands: parser.error('%s is not a supported command' % command) exit(1) logging.basicConfig(level=calcloglevel(options)) sessiontypes = ['svmap', 'svwar', 'svcrack'] logging.debug('started logging') if command == 'list': listsessions(options.sessiontype, count=options.count) if command == 'delete': if options.session is None: parser.error("Please specify a valid session.") exit(1) sessionpath = deletesessions(options.session, options.sessiontype) if sessionpath is None: parser.error( 'Session could not be found. Make sure it exists by making use of %s.py list' % __prog__) exit(1) elif command == 'export': from datetime import datetime start_time = datetime.now() if options.session is None: parser.error("Please specify a valid session")
(options,args) = parser.parse_args() if len(args) < 1: parser.error("Please specify a command.\r\n") exit(1) command = args[0] from libs.svhelper import listsessions,deletesessions,createReverseLookup, dbexists from libs.svhelper import getsessionpath,getasciitable,outputtoxml,outputtopdf, calcloglevel validcommands = ['list','export','delete','stats','search'] if command not in validcommands: parser.error('%s is not a supported command' % command) exit(1) logging.basicConfig(level=calcloglevel(options)) sessiontypes = ['svmap','svwar','svcrack'] logging.debug('started logging') if command == 'list': listsessions(options.sessiontype,count=options.count) if command == 'delete': if options.session is None: parser.error("Please specify a valid session.") exit(1) sessionpath = deletesessions(options.session,options.sessiontype) if sessionpath is None: parser.error('Session could not be found. Make sure it exists by making use of %s.py list' % __prog__) exit(1) elif command == 'export': from datetime import datetime start_time = datetime.now() if options.session is None: parser.error("Please specify a valid session") exit(1) if options.outputfile is None and options.format not in [None,'stdout']: