Python vuln_parse Examples

Programming Language: Python

Namespace/Package Name: skaldship.nexpose

Method/Function: vuln_parse

Examples at hotexamples.com: 1

Python vuln_parse - 1 examples found. These are the top rated real world Python examples of skaldship.nexpose.vuln_parse extracted from open source projects. You can rate examples to help us improve the quality of examples.

Example #1

Show file

def import_vulnid():
    """
    Downloads the detailed vulnerability data from Nexpose based on
    a vuln id passed to it
    """
    form = SQLFORM.factory(
        Field('nexid', 'string', label=T('Nexpose ID')),
        Field('nexid_list', 'text', label=T('Nexpose ID List')))

    response.title = "%s :: Import Nexpose VulnID" % settings.title
    nexpose_config = nexpose_get_config()

    if form.process().accepted:
        from NexposeAPI import VulnData
        from skaldship.nexpose import vuln_parse

        nxvulns = VulnData()
        nxvulns.host = nexpose_config['host']
        nxvulns.port = nexpose_config['port']

        nexpose_ids = []
        if form.vars.nexid:
            nexpose_ids.extend([form.vars.nexid])
        if form.vars.nexid_list:
            nexpose_ids.extend(form.vars.nexid_list.split('\r\n'))

        res = nxvulns.login(user_id=nexpose_config['user'],
                            password=nexpose_config['password'])
        if res:
            stats = {'added': 0, 'invalid': 0}
            for nexid in nexpose_ids:
                vulndetails = nxvulns.detail(nexid)
                if vulndetails is not None:
                    (vulnfields, references) = vuln_parse(
                        vulndetails.find('Vulnerability'), fromapi=True)
                else:
                    stats['invalid'] += 1
                    continue

                # add the vulnerability to t_vulndata
                query = (db.t_vulndata.f_vulnid == nexid)
                vulnid = db.t_vulndata.update_or_insert(query, **vulnfields)
                if not vulnid:
                    row = db(query).select().first()
                    if row:
                        vulnid = row.id
                    else:
                        log(" [!] Could not find %s in database.." % nexid,
                            logging.WARN)
                        stats['invalid'] += 1
                        continue

                db.commit()

                # add the references
                if vulnid is not None and references:
                    for reference in references:
                        # check to see if reference exists first
                        query = (db.t_vuln_refs.f_source == reference[0]) & (
                            db.t_vuln_refs.f_text == reference[1])
                        ref_id = db.t_vuln_refs.update_or_insert(
                            query, f_source=reference[0], f_text=reference[1])
                        if not ref_id:
                            ref_id = db(query).select().first().id

                        # make many-to-many relationship with t_vuln_data
                        db.t_vuln_references.update_or_insert(
                            f_vuln_ref_id=ref_id, f_vulndata_id=vulnid)
                        db.commit()

                from skaldship.exploits import connect_exploits
                connect_exploits()
                log(" [-] Added Nexpose vulnerability: %s" % nexid)
                stats['added'] += 1
            response.flash = "%s added, %s skipped" % (stats['added'],
                                                       stats['invalid'])
            return dict(form=form)
        else:
            response.flash = "Unable to login to Nexpose"
    elif form.errors:
        response.flash = "Error in form"

    return dict(form=form)