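def execute_action(ws, objects, rule, _server):
    """Apply every action of *rule* to each object in *objects*.

    Each entry of ``rule['actions']`` is written as ``--COMMAND:expression``:

    * ``UPDATE``  - *expression* is ``key=value``; the object is updated via
      ``update_vulnerability`` / ``update_service`` / ``update_host``
      according to ``obj.class_signature``.
    * ``DELETE``  - the object is removed through the matching
      ``models.delete_*`` call.
    * ``EXECUTE`` - *expression* is run as a shell command.
    * anything else - *expression* is passed to ``send_mail`` as its first
      argument (the log line below treats it as the recipient).

    Returns ``True`` once every action has been applied, or ``False`` as soon
    as an ``EXECUTE`` command exits with a non-zero status; the remaining
    objects and actions are then skipped.
    """
    logger.info("Running actions of rule '%s' :" % rule['id'])
    actions = rule['actions']
    _objs_value = None
    if 'object' in rule:
        _objs_value = rule['object']

    for obj in objects:
        for action in actions:
            # Drop only the leading '--' marker. strip('--') also removed
            # trailing dashes, corrupting expressions that end in '-'.
            action = action.lstrip('-')
            # Split on the first ':' only, so expressions that themselves
            # contain ':' (URLs, paths, timestamps) no longer raise ValueError.
            command, expression = action.split(':', 1)

            if command == 'UPDATE':
                # Same reasoning: the value part may legitimately contain '='.
                key, value = expression.split('=', 1)
                if obj.class_signature == 'VulnerabilityWeb' or obj.class_signature == 'Vulnerability':
                    if update_vulnerability(ws, obj, key, value, _server):
                        insert_rule(rule['id'], command, obj, _objs_value, fields=None, key=key, value=value)

                if obj.class_signature == 'Service':
                    update_service(ws, obj, key, value)

                if obj.class_signature == 'Host':
                    update_host(ws, obj, key, value)

            elif command == 'DELETE':
                # NOTE(review): only the VulnerabilityWeb branch records the
                # deletion with insert_rule; confirm whether the other object
                # types are meant to leave no record of the rule firing.
                if obj.class_signature == 'VulnerabilityWeb':
                    models.delete_vuln_web(ws, obj.id)
                    logger.info(" Deleting vulnerability web '%s' with id '%s':" % (obj.name, obj.id))
                    insert_rule(rule['id'], command, obj, _objs_value)

                elif obj.class_signature == 'Vulnerability':
                    models.delete_vuln(ws, obj.id)
                    logger.info("Deleting vulnerability '%s' with id '%s':" % (obj.name, obj.id))

                elif obj.class_signature == 'Service':
                    models.delete_service(ws, obj.id)
                    logger.info("Deleting service '%s' with id '%s':" % (obj.name, obj.id))

                elif obj.class_signature == 'Host':
                    models.delete_host(ws, obj.id)
                    logger.info("Deleting host '%s' with id '%s':" % (obj.name, obj.id))

            elif command == 'EXECUTE':
                # SECURITY: the rule's expression reaches the shell unchanged,
                # so anyone able to author or edit rule definitions can run
                # commands with this process's privileges. Treat the rule
                # source as trusted configuration: restrict write access to it
                # and review EXECUTE entries before they are deployed.
                # Compare the exit status with ==; 'is 0' tested object
                # identity and only worked through an interpreter detail.
                if subprocess.call(expression, shell=True, stdin=None) == 0:
                    logger.info("Running command: '%s'" % expression)
                    insert_rule(rule['id'], command, obj, _objs_value, fields=None, key=None, value=expression)
                else:
                    logger.error("Operation fail running command: '%s'" % expression)
                    return False

            else:
                # Any unrecognised command falls through to the mail alert.
                subject = 'Faraday searcher alert'
                body = '%s %s have been modified by rule %s at %s' % (
                    obj.class_signature, obj.name, rule['id'], str(datetime.now()))
                send_mail(expression, subject, body)
                insert_rule(rule['id'], command, obj, _objs_value, fields=None, key=None, value=expression)
                logger.info("Sending mail to: '%s'" % expression)

    return True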
def main(workspace='', args=None, parser=None):
    """Delete every host in *workspace*, asking for confirmation first.

    A ``-y`` / ``--yes`` flag is registered on *parser*; when it is absent
    from *args* the user is prompted and anything other than ``y`` or ``yes``
    aborts the run. The deletion is irreversible, as the prompt states.

    Returns ``(1, None)`` when the user declines and ``(0, None)`` after the
    hosts have been deleted.
    """
    parser.add_argument('-y', '--yes', action="store_true")
    options = parser.parse_args(args)

    confirmed = options.yes
    if not confirmed:
        # Interactive safeguard: an explicit affirmative answer is required
        # before anything is removed.
        prompt = ("Are you sure you want to delete all hosts in the "
                  "workspace {}? This action can't be undone [y/n] ".format(
                      workspace))
        answer = raw_input(prompt)
        if answer not in ('y', 'yes'):
            return 1, None

    all_hosts = models.get_hosts(workspace)
    for entry in all_hosts:
        print('Delete Host:' + entry.name)
        models.delete_host(workspace, entry.id)

    return 0, None
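def execute_action(ws, objects, rule, _server):
    """Run the actions listed in *rule* against each object in *objects*.

    An action string has the shape ``--COMMAND:expression``. ``UPDATE``
    expects ``key=value`` and dispatches on ``obj.class_signature`` to
    ``update_vulnerability``, ``update_service`` or ``update_host``;
    ``DELETE`` calls the matching ``models.delete_*`` function; ``EXECUTE``
    runs the expression through the shell; every other command sends a mail
    alert with the expression as ``send_mail``'s first argument.

    Returns ``False`` immediately when an ``EXECUTE`` command exits non-zero
    (later objects and actions are not processed), otherwise ``True``.
    """
    logger.info("Running actions of rule '%s' :" % rule['id'])
    actions = rule['actions']
    _objs_value = rule['object'] if 'object' in rule else None

    for obj in objects:
        for action in actions:
            # Remove the leading dashes only; the original strip('--') also
            # ate dashes at the end of the expression.
            action = action.lstrip('-')
            # maxsplit=1 keeps expressions containing ':' intact instead of
            # failing the two-name unpack with ValueError.
            command, expression = action.split(':', 1)

            if command == 'UPDATE':
                # maxsplit=1 here as well, so values may contain '='.
                key, value = expression.split('=', 1)
                if obj.class_signature in ('VulnerabilityWeb', 'Vulnerability'):
                    if update_vulnerability(ws, obj, key, value, _server):
                        insert_rule(rule['id'], command, obj, _objs_value,
                                    fields=None, key=key, value=value)

                if obj.class_signature == 'Service':
                    update_service(ws, obj, key, value)

                if obj.class_signature == 'Host':
                    update_host(ws, obj, key, value)

            elif command == 'DELETE':
                # NOTE(review): insert_rule is called for VulnerabilityWeb
                # only; verify that the other deletions are intentionally
                # left unrecorded.
                if obj.class_signature == 'VulnerabilityWeb':
                    models.delete_vuln_web(ws, obj.id)
                    logger.info(
                        " Deleting vulnerability web '%s' with id '%s':" % (obj.name, obj.id))
                    insert_rule(rule['id'], command, obj, _objs_value)

                elif obj.class_signature == 'Vulnerability':
                    models.delete_vuln(ws, obj.id)
                    logger.info("Deleting vulnerability '%s' with id '%s':" % (obj.name, obj.id))

                elif obj.class_signature == 'Service':
                    models.delete_service(ws, obj.id)
                    logger.info("Deleting service '%s' with id '%s':" % (obj.name, obj.id))

                elif obj.class_signature == 'Host':
                    models.delete_host(ws, obj.id)
                    logger.info("Deleting host '%s' with id '%s':" % (obj.name, obj.id))

            elif command == 'EXECUTE':
                # SECURITY: shell=True executes the rule text verbatim.
                # Rule definitions are therefore equivalent to code running
                # as this process's user; keep them under access control and
                # review, and never build them from unvetted data.
                exit_status = subprocess.call(expression, shell=True, stdin=None)
                # Value comparison, not identity: 'is 0' depended on small-int
                # caching and raises a SyntaxWarning on current interpreters.
                if exit_status == 0:
                    logger.info("Running command: '%s'" % expression)
                    insert_rule(rule['id'], command, obj, _objs_value,
                                fields=None, key=None, value=expression)
                else:
                    logger.error("Operation fail running command: '%s'" % expression)
                    return False

            else:
                # Fallback for any other command: mail notification.
                subject = 'Faraday searcher alert'
                body = '%s %s have been modified by rule %s at %s' % (
                    obj.class_signature, obj.name, rule['id'], str(datetime.now()))
                send_mail(expression, subject, body)
                insert_rule(rule['id'], command, obj, _objs_value,
                            fields=None, key=None, value=expression)
                logger.info("Sending mail to: '%s'" % expression)

    return True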
def main(workspace=''):
    """Delete every host returned by ``models.get_hosts`` for *workspace*.

    Each host name is printed before the host is removed with
    ``models.delete_host``.

    NOTE(review): this variant deletes without any confirmation step, so
    callers are responsible for making sure the workspace is the intended
    one before invoking it.
    """
    all_hosts = models.get_hosts(workspace)
    for entry in all_hosts:
        print('Delete Host:' + entry.name)
        models.delete_host(workspace, entry.id)