Exemplo n.º 1
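def import_notes(parsed_notes):
    """Import notes from parsed data and cross-reference them from vulns.

    For every parsed note the owning host (mandatory) and the optional
    service are looked up, the matching Note is updated or created, and when
    the note handle names a vuln, an ``SN-<note id>`` reference is placed at
    the front of that vuln's refs. All changes are committed once at the end.

    The ``.one()`` lookups raise (NoResultFound / MultipleResultsFound) when
    the host or the referenced vuln is missing or ambiguous, which aborts the
    import before anything is committed.
    """

    # Loop-invariant SQL expression: "<proto>/<port>", compared to the handle.
    service_id = func.concat(Service.proto, '/', Service.port)

    for inote in parsed_notes:
        host = Host.query.filter(Host.address == inote.handle['host']).one()
        service = Service.query.filter(
            Service.host == host,
            service_id == inote.handle.get('service')).one_or_none()

        # NOTE(review): the lookup keys on inote.handle['note'] while a new
        # Note is created with inote.xtype -- confirm both always carry the
        # same value, otherwise every import adds another row.
        note = Note.query.filter(
            Note.host == host, Note.service == service,
            Note.xtype == inote.handle['note']).one_or_none()
        if not note:
            note = Note(host=host, service=service, xtype=inote.xtype)
            db.session.add(note)

        note.update(inote)
        if 'vuln' in inote.handle:
            vuln = Vuln.query.filter(Vuln.host == host,
                                     Vuln.service == service,
                                     Vuln.xtype == inote.handle['vuln']).one()

            # A freshly added Note has no primary key until it is flushed.
            # Flush explicitly rather than depending on query autoflush, so
            # the reference can never be stored as 'SN-None'.
            db.session.flush()
            note_ref = f'SN-{note.id}'

            # refs may be unset on a vuln; treat that as an empty list.
            current_refs = vuln.refs or []
            # Importing the same data again must not stack duplicate refs.
            if note_ref not in current_refs:
                vuln.refs = [note_ref] + current_refs

    db.session.commit()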
Exemplo n.º 2
Arquivo: core.py Projeto: bodik/sner4
def import_notes(pidb):
    """Import notes from a parsed-data container into storage.

    Each entry of ``pidb.notes`` is resolved against a stored host and, when
    the entry carries a service handle, a stored service; both lookups are
    made with ``required=True``. A matching Note is reused or a new one is
    created, then refreshed from the parsed entry. A single commit closes
    the whole import.
    """

    for parsed in pidb.notes.values():
        host = existing_host(pidb.hosts[parsed.host_handle], required=True)

        # Notes may hang directly off a host; only resolve a service when the
        # parsed entry actually references one.
        service = None
        if parsed.service_handle:
            service = existing_service(
                host, pidb.services[parsed.service_handle], required=True)

        note = existing_note(host, service, parsed)
        if not note:
            note = Note(
                host=host,
                service=service,
                via_target=parsed.via_target,
                xtype=parsed.xtype,
            )
            db.session.add(note)

        # Parsed content presumably originates from scan output; it is stored
        # as-is here, so escaping is the job of whatever renders it.
        note.update(parsed)

    db.session.commit()
Exemplo n.º 3
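def import_hosts(parsed_hosts):
    """Import hosts from parsed data.

    Hosts are matched by address and created when missing, then updated from
    the parsed item. Hostnames reported for a host are merged into a single
    JSON-encoded 'hostnames' Note attached to that host. All changes are
    committed once at the end.
    """

    for ihost in parsed_hosts:
        host = Host.query.filter(Host.address == ihost.address).one_or_none()
        if not host:
            host = Host(address=ihost.address)
            db.session.add(host)

        host.update(ihost)
        if ihost.hostnames:
            note = Note.query.filter(Note.host == host,
                                     Note.xtype == 'hostnames').one_or_none()
            if not note:
                note = Note(host=host, xtype='hostnames', data='[]')
                db.session.add(note)

            # Tolerate an existing note whose data was never set.
            known = json.loads(note.data) if note.data else []

            # Sort the merged set so the stored JSON is stable across runs;
            # plain list(set(...)) follows hash order, which rewrites the
            # note on every import even when nothing changed. key=str keeps
            # the sort total should a parser ever emit a non-string entry.
            # Hostnames presumably come from scan output and are stored raw:
            # escape them wherever they are rendered.
            merged = sorted(set(known + ihost.hostnames), key=str)
            note.data = json.dumps(merged)

    db.session.commit()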
Exemplo n.º 4
def note_add_route(model_name, model_id):
    """Render the add-note form for a host or service and store the result.

    The related host (and optional service) is resolved from the URL
    parameters and used to pre-fill the form. On a valid submission the note
    is persisted and the client is redirected to the host view; otherwise
    the add/edit template is rendered.
    """

    host, service = get_related_models(model_name, model_id)
    related_service_id = service.id if service else None
    form = NoteForm(host_id=host.id, service_id=related_service_id)

    if not form.validate_on_submit():
        return render_template('storage/note/addedit.html', form=form, host=host, service=service)

    note = Note()
    # NOTE(review): populate_obj copies every form field onto the model. The
    # host_id/service_id passed to NoteForm above act as defaults, so on
    # submit the stored ids presumably come from the posted data rather than
    # from the URL -- confirm the form validates them against host/service
    # resolved above, or set them explicitly after populate_obj.
    form.populate_obj(note)
    db.session.add(note)
    db.session.commit()
    return redirect(url_for('storage.host_view_route', host_id=note.host_id))
Exemplo n.º 5
def initdata():  # pylint: disable=too-many-statements
    """Seed the database with initial development/test data.

    Adds one user, two exclusion entries, a set of scan queues (a dummy queue
    with three targets plus nmap/manymap/jarm/IPv6 discovery queues) and two
    storage hosts with services, vulns and a note, then commits everything in
    a single transaction. Takes no arguments and returns nothing.
    """

    # auth test data
    # NOTE(review): this account is granted every role including admin and no
    # password is assigned here; the username literal appears masked in this
    # listing. Confirm how credentials are provisioned and that this seed is
    # only ever run against dev/test databases.
    db.session.add(
        User(username='******',
             active=True,
             roles=['user', 'operator', 'admin']))

    # scheduler test data
    # Two exclusion entries: one network range and one regex that matches
    # tcp targets on port 22.
    db.session.add(
        Excl(family=ExclFamily.network,
             value='127.66.66.0/26',
             comment='blacklist 1'))
    db.session.add(
        Excl(family=ExclFamily.regex,
             value=r'^tcp://.*:22$',
             comment='avoid ssh'))

    # Dummy queue, the only one created with active=True; it gets three
    # placeholder targets (the integers 0..2).
    queue = Queue(name='dev dummy',
                  config=yaml_dump({
                      'module': 'dummy',
                      'args': '--dummyparam 1'
                  }),
                  group_size=2,
                  priority=10,
                  active=True)
    db.session.add(queue)
    for target in range(3):
        db.session.add(Target(target=target, queue=queue))

    # The remaining queues are added without targets and without an explicit
    # active flag.

    # nmap: SYN scan of all TCP ports with -A (OS/version detection, scripts,
    # traceroute), host discovery skipped (-Pn), packet rate bounded by
    # --min-rate/--max-rate.
    db.session.add(
        Queue(
            name='pentest full syn scan',
            config=yaml_dump({
                'module':
                'nmap',
                'args':
                '-sS -A -p1-65535 -Pn  --max-retries 3 --script-timeout 10m --min-hostgroup 20 --min-rate 900 --max-rate 1500'
            }),
            group_size=20,
            priority=10,
        ))

    # nmap: SYN scan limited to the 10000 most common ports.
    db.session.add(
        Queue(
            name='disco syn scan top10000',
            config=yaml_dump({
                'module': 'nmap',
                'args': '-sS --top-ports 10000 -Pn',
                'timing_perhost': 4
            }),
            group_size=1000,
            priority=10,
        ))

    db.session.add(
        Queue(
            name='disco ipv6 dns discover',
            config=yaml_dump({
                'module': 'six_dns_discover',
                'delay': 1
            }),
            group_size=1000,
            priority=10,
        ))

    db.session.add(
        Queue(
            name='disco ipv6 enum discover',
            config=yaml_dump({
                'module': 'six_enum_discover',
                'rate': 100
            }),
            group_size=5,
            priority=10,
        ))

    # manymap: service version detection (-sV) at intensity 4.
    db.session.add(
        Queue(
            name='data version scan basic',
            config=yaml_dump({
                'module': 'manymap',
                'args': '-sV --version-intensity 4 -Pn',
                'delay': 5
            }),
            group_size=50,
            priority=15,
        ))

    db.session.add(
        Queue(
            name='data jarm scan',
            config=yaml_dump({
                'module': 'jarm',
                'delay': 5
            }),
            group_size=50,
            priority=15,
        ))

    # manymap: SYN scan running the default scripts plus a fixed list of
    # HTTP/LDAP/TLS/SSH information-gathering scripts.
    db.session.add(
        Queue(
            name='data script scan basic',
            config=yaml_dump({
                'module': 'manymap',
                'args':
                '-sS --script default,http-headers,ldap-rootdse,ssl-cert,ssl-enum-ciphers,ssh-auth-methods --script-timeout 10m -Pn',
                'delay': 5
            }),
            group_size=50,
            priority=15,
        ))

    # storage test data host1
    # Shared keyword arguments: the same vuln is attached to both hosts below.
    aggregable_vuln = {
        'name': 'aggregable vuln',
        'xtype': 'x.agg',
        'severity': SeverityEnum.medium
    }

    # The hostname deliberately embeds a <script> payload -- presumably a
    # canary so that any view rendering stored host data without HTML
    # escaping shows up during testing.
    host = Host(address='127.4.4.4',
                hostname='testhost.testdomain.test<script>alert(1);</script>',
                os='Test Linux 1',
                comment='a some unknown service server')
    db.session.add(host)

    db.session.add(
        Service(host=host,
                proto='tcp',
                port=12345,
                state='open:testreason',
                name='svcx',
                info='testservice banner',
                comment='manual testservice comment'))

    db.session.add(Vuln(host=host, **aggregable_vuln))

    # storage test data host2
    # `host` is rebound here; everything below belongs to the second host.
    host = Host(address='127.3.3.3',
                hostname='testhost1.testdomain.test',
                os='Test Linux 2',
                comment='another server')
    db.session.add(host)

    db.session.add(
        Service(host=host,
                proto='tcp',
                port=12345,
                state='closed:testreason',
                name='svcx'))

    # One vuln per severity level (critical down to unknown), with varying
    # refs/tags, including an explicit tags=None case.
    db.session.add(
        Vuln(host=host,
             name='test vulnerability',
             xtype='testxtype.123',
             severity=SeverityEnum.critical,
             comment='a test vulnerability comment',
             refs=['ref1', 'ref2'],
             tags=['tag1', 'tag2']))

    db.session.add(
        Vuln(host=host,
             name='another test vulnerability',
             xtype='testxtype.124',
             severity=SeverityEnum.high,
             comment='another vulnerability comment',
             tags=None))

    db.session.add(
        Vuln(host=host,
             name='vulnerability1',
             xtype='testxtype.124',
             severity=SeverityEnum.medium,
             tags=['info']))

    db.session.add(
        Vuln(host=host,
             name='vulnerability2',
             xtype='testxtype.124',
             severity=SeverityEnum.low,
             tags=['report']))

    # Same name and xtype as the previous vuln, different severity and tags.
    db.session.add(
        Vuln(host=host,
             name='vulnerability2',
             xtype='testxtype.124',
             severity=SeverityEnum.info,
             tags=['info']))

    # NOTE(review): first() is issued without an ORDER BY, so which Service
    # row gets attached is database-dependent and it may belong to a host
    # other than `host`; the query presumably also relies on session
    # autoflush to see the services added above -- confirm.
    db.session.add(
        Vuln(host=host,
             service=Service.query.first(),
             name='vulnerability3',
             xtype='testxtype.124',
             severity=SeverityEnum.unknown,
             tags=['report']))

    db.session.add(Vuln(host=host, **aggregable_vuln))

    db.session.add(
        Note(host=host,
             xtype='sner.testnote',
             data='testnote data',
             comment='test note comment'))

    # Single commit: the seed is applied as one transaction.
    db.session.commit()