def main(workspace='', args=None, parser=None): parser.add_argument('-q', '--unique', help='Group OSs and print the total amount of hosts.', action='store_true') parsed_args = parser.parse_args(args) host_count = {} for host in models.get_hosts(workspace): if parsed_args.unique: if host.os in host_count: host_count[host.os] += 1 else: host_count[host.os] = 1 else: print(host.os) if parsed_args.unique: for host, count in host_count.items(): print('%s\t(%d)' % (host, count)) return 0, None
def main(workspace='', args=None, parser=None): parser.add_argument('severity', nargs='?', help='Filter by Severity (<=)', default="info", choices=SEVERITY_OPTIONS) parser.add_argument('--couchdb', nargs='?', help='CouchDB URL', default="http://*****:*****@localhost:5984") parsed_args = parser.parse_args(args) cwe = getCweData(parsed_args.couchdb) if cwe is None: print 'CWE DB not downloaded....EXIT' return 2, None for host in models.get_hosts(workspace): for v in host.getVulns(): checkSeverity(v, cwe, parsed_args.severity, workspace, parsed_args.couchdb) for i in host.getAllInterfaces(): for s in i.getAllServices(): for v in s.getVulns(): checkSeverity(v, cwe, parsed_args.severity, workspace, parsed_args.couchdb) return 0, None
def main(workspace='', args=None, parser=None): print '[*]Checking DB...' if not os.path.isfile(DB_PATH): print '[!]DB not found: please download the DB from: ' + URL_DB print '[!]Extract this to $FARADAY/data/ and try again!' raise Exception('DB not found', 'Check if DB exists') print '[*]DB Found!' print '[*]Searching exploits...\n' connection = sqlite3.connect(DB_PATH) cursor = connection.cursor() for host in models.get_hosts(workspace): for v in host.getVulns(): print '[' + host.name + '] ' + v.name printExploits(v.name, v.getRefs(), cursor) for i in host.getAllInterfaces(): for s in i.getAllServices(): for v in s.getVulns(): print '[' + host.name + '] ' + v.name printExploits(v.name, v.getRefs(), cursor) return 0, None
def get_parent(ws, parent_tag): logger.debug("Getting parent") try: parent = models.get_host(ws, parent_tag) or models.get_service(ws, parent_tag) except ResourceDoesNotExist: parent = models.get_hosts(ws, name=parent_tag) or models.get_services(ws, name=parent_tag) if len(parent) == 0: return None return parent
def main(workspace='', args=None, parser=None): parser.add_argument('os_filter', nargs='*', help='List of OSs to filter for', default=[]), parsed_args = parser.parse_args(args) for host in models.get_hosts(workspace): if not parsed_args.os_filter or (parsed_args.os_filter and host.os in parsed_args.os_filter): print '%s\t%s' % (host.name, host.os) return 0, None
def search_hosts_by_service(workspace, b_service): output = "" all_hosts = list(models.get_hosts(workspace)) all_services = list(models.get_services(workspace)) for host in all_hosts: for service in all_services: id_service_host = service.parent_id if host.id == id_service_host and service.name == b_service: output += host.name + "\n" break return output
def main(workspace='', args=None, parser=None): parser.add_argument('-y', '--yes', action="store_true") parsed_args = parser.parse_args(args) if not parsed_args.yes: msg = ("Are you sure you want to delete all hosts in the " "workspace {}? This action can't be undone [y/n] ".format( workspace)) if raw_input(msg) not in ('y', 'yes'): return 1, None for host in models.get_hosts(workspace): print('Delete Host:' + host.name) models.delete_host(workspace, host.id) return 0, None
def main(workspace='', args=None, parser=None): ip_regex = re.compile("^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$") not_matching_count = 0 for host in models.get_hosts(workspace): if re.match(ip_regex, host.ip): print(host.ip) else: not_matching_count += 1 if not_matching_count: print('Hosts that has invalid ip addresses {0}'.format( not_matching_count)) return 0, None
def main(workspace='', args=None, parser=None): parser.add_argument('-s', '--sorted', help='Print a sorted list of IPs.', action='store_true') parsed_args = parser.parse_args(args) ips = [] for host in models.get_hosts(workspace): if parsed_args.sorted: ips += [host.name] else: print(host.name) if parsed_args.sorted: print '\n'.join(sorted(ips)) return 0, None
def main(workspace='', args=None, parser=None): parser.add_argument('severity', nargs='?', help='Filter by Severity (<=)', default="info", choices=SEVERITY_OPTIONS) parser.add_argument('--couchdb', nargs='?', help='CouchDB URL', default="http://*****:*****@localhost:5984") parsed_args = parser.parse_args(args) cwe = getCweData(parsed_args.couchdb) if cwe is None: print('CWE DB not downloaded....EXIT') return 2, None for host in models.get_hosts(workspace): for v in host.getVulns(): checkSeverity(v, cwe, parsed_args.severity, workspace, parsed_args.couchdb) for i in host.getAllInterfaces(): for s in i.getAllServices(): for v in s.getVulns(): checkSeverity(v, cwe, parsed_args.severity, workspace, parsed_args.couchdb) return 0, None
def get_hosts(self, **params): return models.get_hosts(self.active_workspace, **params)
def main(workspace=''): for host in models.get_hosts(workspace): print('Delete Host:' + host.name) models.delete_host(workspace, host.id)
def main(): signal.signal(signal.SIGINT, signal_handler) parser = argparse.ArgumentParser(description='Search duplicated objects on Faraday') parser.add_argument('-w', '--workspace', help='Search duplicated objects into this workspace', required=True) parser.add_argument('-s', '--server', help='Faraday server', required=False, default="http://127.0.0.1:5985/") parser.add_argument('-u', '--user', help='Faraday user', required=False, default="") parser.add_argument('-p', '--password', help='Faraday password', required=False, default="") parser.add_argument('-o', '--output', help='Choose a custom output directory', required=False) parser.add_argument('-l', '--log', help='Choose a custom log level', required=False) args = parser.parse_args() lockf = ".lock.pod" if not lock_file(lockf): print ("You can run only one instance of searcher (%s)" % lockf) exit(0) workspace = '' if args.workspace: workspace = args.workspace else: print("You must enter a workspace in command line, please use --help to read more") os.remove(lockf) exit(0) _server = 'http://127.0.0.1:5985/' if args.server: _server = args.server _user = '******' if args.user: _user = args.user _password = '******' if args.password: _password = args.password output = 'output/' if args.output: output = args.output loglevel = 'debug' if args.log: loglevel = args.log for d in [output, 'log/']: if not os.path.isdir(d): os.makedirs(d) numeric_level = getattr(logging, loglevel.upper(), None) if not isinstance(numeric_level, int): raise ValueError('Invalid log level: %s' % loglevel) if not logger.handlers: logger.propagate = 0 logger.setLevel(numeric_level) fh = logging.FileHandler('log/searcher.log') fh.setLevel(numeric_level) # create console handler with a higher log level ch = logging.StreamHandler() ch.setLevel(numeric_level) # create formatter and add it to the handlers formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s: %(message)s', datefmt='%m/%d/%Y %I:%M:%S %p') fh.setFormatter(formatter) ch.setFormatter(formatter) logger.addHandler(fh) logger.addHandler(ch) try: session_cookie = login_user(_server, _user, _password) if not session_cookie: raise UserWarning('Invalid credentials!') else: CONF.setDBUser(_user) CONF.setDBSessionCookies(session_cookie) server.AUTH_USER = _user server.AUTH_PASS = _password server.SERVER_URL = _server server.FARADAY_UP = False logger.info('Started') logger.info('Searching objects into workspace %s ' % workspace) logger.debug("Getting hosts ...") hosts = models.get_hosts(workspace) logger.debug("Getting services ...") services = models.get_services(workspace) logger.debug("Getting vulnerabilities ...") vulns = models.get_all_vulns(workspace) if validate_rules(): process_vulnerabilities(workspace, vulns, _server) process_services(workspace, services, _server) process_hosts(workspace, hosts, _server) # Remove lockfile os.remove(lockf) logger.info('Finished') except ResourceDoesNotExist: logger.error("Resource not found") os.remove(lockf) exit(0) except Exception as errorMsg: logger.error(errorMsg) os.remove(lockf) exit(0)
def main(workspace=''): for host in models.get_hosts(workspace): print(host.name)
def main(): signal.signal(signal.SIGINT, signal_handler) parser = argparse.ArgumentParser( description='Search duplicated objects on Faraday') parser.add_argument('-w', '--workspace', help='Search duplicated objects into this workspace', required=True) parser.add_argument('-s', '--server', help='Faraday server', required=False, default="http://127.0.0.1:5985/") parser.add_argument('-u', '--user', help='Faraday user', required=False, default="") parser.add_argument('-p', '--password', help='Faraday password', required=False, default="") parser.add_argument('-o', '--output', help='Choose a custom output directory', required=False) parser.add_argument('-l', '--log', help='Choose a custom log level', required=False) args = parser.parse_args() lockf = ".lock.pod" if not lock_file(lockf): print("You can run only one instance of searcher (%s)" % lockf) exit(0) workspace = '' if args.workspace: workspace = args.workspace else: print( "You must enter a workspace in command line, please use --help to read more" ) os.remove(lockf) exit(0) _server = 'http://127.0.0.1:5985/' if args.server: _server = args.server _user = '******' if args.user: _user = args.user _password = '******' if args.password: _password = args.password output = 'output/' if args.output: output = args.output loglevel = 'debug' if args.log: loglevel = args.log for d in [output, 'log/']: if not os.path.isdir(d): os.makedirs(d) numeric_level = getattr(logging, loglevel.upper(), None) if not isinstance(numeric_level, int): raise ValueError('Invalid log level: %s' % loglevel) if not logger.handlers: logger.propagate = 0 logger.setLevel(numeric_level) fh = logging.FileHandler('log/searcher.log') fh.setLevel(numeric_level) # create console handler with a higher log level ch = logging.StreamHandler() ch.setLevel(numeric_level) # create formatter and add it to the handlers formatter = logging.Formatter( '%(asctime)s - %(name)s - %(levelname)s: %(message)s', datefmt='%m/%d/%Y %I:%M:%S %p') fh.setFormatter(formatter) ch.setFormatter(formatter) logger.addHandler(fh) logger.addHandler(ch) try: session_cookie = login_user(_server, _user, _password) if not session_cookie: raise UserWarning('Invalid credentials!') else: CONF.setDBUser(_user) CONF.setDBSessionCookies(session_cookie) server.AUTH_USER = _user server.AUTH_PASS = _password server.SERVER_URL = _server server.FARADAY_UP = False logger.info('Started') logger.info('Searching objects into workspace %s ' % workspace) logger.debug("Getting hosts ...") hosts = models.get_hosts(workspace) logger.debug("Getting services ...") services = models.get_services(workspace) logger.debug("Getting vulnerabilities ...") vulns = models.get_all_vulns(workspace) if validate_rules(): process_vulnerabilities(workspace, vulns, _server) process_services(workspace, services, _server) process_hosts(workspace, hosts, _server) # Remove lockfile os.remove(lockf) logger.info('Finished') except ResourceDoesNotExist: logger.error("Resource not found") os.remove(lockf) exit(0) except Exception as errorMsg: logger.error(errorMsg) os.remove(lockf) exit(0)