Python connect_elasticsearch Exemples, DAO.db_connect.connect_elasticsearch Python Exemples

Exemple #1

0

Afficher le fichier

Fichier : user_dal.py Projet : vietnakid/WebPortalVulnerabilityManagement

def add_user(username, password, fullname, role):
    try:
        es = db_connect.connect_elasticsearch()
        try:
            otp_secret = base64.b32encode(os.urandom(15)).decode('utf-8')
            _password = hash_pass.make_hash(password)
            timestamp_created = datetime.timestamp(datetime.now())
            body = {
                "username": username,
                "password": _password,
                "firstlogin": True,
                "fullname": fullname,
                "role": role,
                "otp_secret": otp_secret,
                "is_disable": False,
                "failure": 0,
                "timestamp_created": timestamp_created
            }
            raw_data = es.index(index=ElasticConfig.USERS_INDEX, body=body)
            if raw_data['result'] == 'created':
                return True
            return False
        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail")

Exemple #2

0

Afficher le fichier

Fichier : user_dal.py Projet : vietnakid/WebPortalVulnerabilityManagement

def check_username_exist(username):
    try:
        es = db_connect.connect_elasticsearch()
        try:
            body = {
                "query": {
                    "bool": {
                        "must": [{
                            "match": {
                                "username": username
                            }
                        }]
                    }
                }
            }
            raw_data = es.search(index=ElasticConfig.USERS_INDEX, body=body)
            if type(raw_data['hits']['total']) == dict:
                total = raw_data['hits']['total']['value']
            else:
                total = raw_data['hits']['total']
            if total != 0:
                return True
            return False
        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail")

Exemple #3

0

Afficher le fichier

Fichier : user_dal.py Projet : vietnakid/WebPortalVulnerabilityManagement

def get_user_by_username_password(username, password):
    try:
        es = db_connect.connect_elasticsearch()
        try:
            hashed_password = hash_pass.make_hash(password)
            body = {
                "query": {
                    "bool": {
                        "must": [{
                            "match": {
                                "username": username
                            }
                        }, {
                            "match": {
                                "password": hashed_password
                            }
                        }]
                    }
                }
            }
            raw_data = es.search(index=ElasticConfig.USERS_INDEX, body=body)
            return raw_data
        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail")

Exemple #4

0

Afficher le fichier

def nikto_overview():
    try:
        es = db_connect.connect_elasticsearch()
        try:
            # Process sort and body from arguments
            q = request.args.get('q')
            paging_from = int(request.args.get('page') or 1)
            paging_size = ElasticConfig.DEFAULT_PAGE_SIZE
            if 'size' in request.args:
                paging_size = int(request.args.get('size'))
                session['paging_size'] = paging_size
            elif 'paging_size' in session:
                paging_size = session['paging_size']

            sort = request.args.get('sort')
            index = request.args.get('index')
            if index is None:
                index = "scanstat.startTime"
            if sort is None:
                sort = "desc"
            sort_query = generateSortQuery(sort, index)
            body = generateBody(q, paging_from, paging_size)

            # Process data
            rawData = es.search(index=ElasticConfig.NIKTO_INDEX,
                                body=body,
                                sort=sort_query)
            processed_data = json.loads(processNikto(rawData))
            paging_total = processed_data['total']
            paging = {
                "paging_from":
                paging_from,
                "paging_size":
                paging_size,
                "paging_total":
                paging_total,
                "left_page":
                max(paging_from - 2, 1),
                "right_page":
                min(
                    max(paging_from - 2, 1) + 4,
                    math.ceil(paging_total / paging_size))
            }
            if sort == "desc":
                sort = "asc"
            else:
                sort = "desc"
        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail")
    session['module'] = "nikto"
    session['overview'] = True
    return render_template('nikto.html',
                           response=processed_data,
                           q=q,
                           sorting=sort,
                           index=index,
                           paging=paging)

Exemple #5

0

Afficher le fichier

Fichier : delete_scan.py Projet : vietnakid/WebPortalVulnerabilityManagement

def delete_scan():
    try:
        es = db_connect.connect_elasticsearch()
        scanId = request.form.get('scanId')    
        es.update(index=ElasticConfig.SCAN_INDEX, doc_type='_doc', id=scanId, body={"doc": {"isDeleted": True}})
    except:
        logging.exception(msg="Connect database failed!")
    return redirect(url_for('scan_overview'))

Exemple #6

0

Afficher le fichier

def dashboard():
    try:
        es = db_connect.connect_elasticsearch()
        try:
            session[
                'auto_refresh'] = ElasticConfig.DEFAULT_REFRESH_DASHBOARD_TIME
            # Get auto refresh time if any
            if request.method == 'POST':
                session['auto_refresh'] = request.form.get(
                    'auto-refresh-time'
                ) if request.form.get(
                    'auto-refresh-time'
                ) is not None else ElasticConfig.DEFAULT_REFRESH_DASHBOARD_TIME

            # Get vulnerabilities
            raw_vul_count = es.search(index=ElasticConfig.VULNERABILITY_INDEX,
                                      body=DashboardQueryBody.VUL_COUNT)
            raw_vul_critical = es.search(
                index=ElasticConfig.VULNERABILITY_INDEX,
                body=DashboardQueryBody.VUL_TOP_CRITICAL)
            raw_vul_recent = es.search(index=ElasticConfig.VULNERABILITY_INDEX,
                                       body=DashboardQueryBody.VUL_TOP_RECENT)
            raw_vul_timeline = es.search(
                index=ElasticConfig.VULNERABILITY_INDEX,
                body=DashboardQueryBody.VUL_TIMELINE)

            # Get targets
            raw_target_vul_count = es.search(
                index=ElasticConfig.VULNERABILITY_INDEX,
                body=DashboardQueryBody.TARGET_VUL_COUNT)
            raw_target_critical_count = es.search(
                index=ElasticConfig.VULNERABILITY_INDEX,
                body=DashboardQueryBody.TARGET_CRITICAL_COUNT)

            # Process
            vul_count = json.loads(count_vul(raw_vul_count))
            vul_critical = json.loads(process_vul(raw_vul_critical))
            vul_recent = json.loads(process_vul(raw_vul_recent))
            print(raw_vul_timeline)
            json_vul_timeline = process_vul_timeline(raw_vul_timeline)

            target_vul_count = json.loads(process_target(raw_target_vul_count))
            target_vul_critical = json.loads(
                process_target(raw_target_critical_count))

        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail")
    session['module'] = "dashboard"
    return render_template('dashboard.html',
                           vul_count=vul_count,
                           vul_critical=vul_critical,
                           vul_recent=vul_recent,
                           target_vul_count=target_vul_count,
                           target_vul_critical=target_vul_critical,
                           json_vul_timeline=json_vul_timeline)

Exemple #7

0

Afficher le fichier

Fichier : user_dal.py Projet : vietnakid/WebPortalVulnerabilityManagement

def check_current_password(userid, password):
    try:
        es = db_connect.connect_elasticsearch()
        try:
            raw_data = es.get(index=ElasticConfig.USERS_INDEX, id=userid)
            hashed_pass = hash_pass.make_hash(password)
            if raw_data['found'] and raw_data['_source'][
                    'password'] == hashed_pass:
                return True
            return False
        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail")

Exemple #8

0

Afficher le fichier

Fichier : user_dal.py Projet : vietnakid/WebPortalVulnerabilityManagement

def delete_user(userid):
    try:
        es = db_connect.connect_elasticsearch()
        try:
            raw_data = es.delete(index=ElasticConfig.USERS_INDEX, id=userid)
            if raw_data['result'] == 'deleted':
                return True
            return False
        except elasticsearch.exceptions.NotFoundError:
            return False
        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail")

Exemple #9

0

Afficher le fichier

Fichier : user_dal.py Projet : vietnakid/WebPortalVulnerabilityManagement

def check_disabled_user_by_id(userid):
    try:
        es = db_connect.connect_elasticsearch()
        try:
            raw_data = es.get(index=ElasticConfig.USERS_INDEX, id=userid)
            if raw_data['found']:
                is_disable = raw_data['_source']['is_disable']
                return is_disable
            return True
        except elasticsearch.exceptions.NotFoundError:
            return True
        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail")

Exemple #10

0

Afficher le fichier

Fichier : user_dal.py Projet : vietnakid/WebPortalVulnerabilityManagement

def get_user_by_id(userid):
    try:
        es = db_connect.connect_elasticsearch()
        try:
            raw_data = es.get(index=ElasticConfig.USERS_INDEX, id=userid)
            if raw_data['found']:
                result = raw_data['_source']
                result['id'] = raw_data['_id']
                return result
            else:
                return []
        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail")

Exemple #11

0

Afficher le fichier

Fichier : user_dal.py Projet : vietnakid/WebPortalVulnerabilityManagement

def update_user(userid, fullname):
    try:
        es = db_connect.connect_elasticsearch()
        try:
            script = "ctx._source.fullname = '{}'".format(fullname)
            body = {"script": script}
            raw_data = es.update(index=ElasticConfig.USERS_INDEX,
                                 body=body,
                                 id=userid)
            if raw_data['result'] == 'updated':
                return True
            return False
        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail")

Exemple #12

0

Afficher le fichier

Fichier : user_dal.py Projet : vietnakid/WebPortalVulnerabilityManagement

def change_password(userid, new_password):
    try:
        es = db_connect.connect_elasticsearch()
        try:
            script = "ctx._source.password = '******'".format(
                hash_pass.make_hash(new_password))
            body = {"script": script}
            raw_data = es.update(index=ElasticConfig.USERS_INDEX,
                                 body=body,
                                 id=userid)
            if raw_data['result'] == 'updated':
                return True
            return False
        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail")

Exemple #13

0

Afficher le fichier

Fichier : user_dal.py Projet : vietnakid/WebPortalVulnerabilityManagement

def disable_user(userid):
    try:
        es = db_connect.connect_elasticsearch()
        try:
            body = {"script": "ctx._source.is_disable = true"}
            raw_data = es.update(index=ElasticConfig.USERS_INDEX,
                                 body=body,
                                 id=userid)
            if raw_data['result'] == 'updated':
                return True
            return False
        except elasticsearch.exceptions.NotFoundError:
            return False
        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail")

Exemple #14

0

Afficher le fichier

Fichier : user_dal.py Projet : vietnakid/WebPortalVulnerabilityManagement

def get_list_user(paging_size, paging_from):
    try:
        es = db_connect.connect_elasticsearch()
        try:
            sort_query = "timestamp_created:asc"
            query_body = {
                "from": (paging_from - 1) * paging_size,
                "size": paging_size
            }
            raw_data = es.search(index=ElasticConfig.USERS_INDEX,
                                 size=paging_size,
                                 body=query_body,
                                 sort=sort_query)
            return raw_data
        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail")

Exemple #15

0

Afficher le fichier

def wappalyzer_detail():
    id = request.args.get('id')
    if id is None:
        return render_template('404.html')
    try:
        es = db_connect.connect_elasticsearch()
        try:
            raw_data = es.get(index=ElasticConfig.WAPPALYZER_INDEX,
                              doc_type="_doc",
                              id=id)
            processed_data = json.loads(processWappalyzerDetail(raw_data))
        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail")
    session['module'] = "wappalyzer"
    session['overview'] = False
    return render_template('wappalyzer-detail.html', response=processed_data)

Exemple #16

0

Afficher le fichier

Fichier : detail.py Projet : vietnakid/WebPortalVulnerabilityManagement

def acu_detail(id):
    if id is None:
        return render_template('acu-detail.html')
    else:
        try:
            es = db_connect.connect_elasticsearch()
            try:
                raw_data = es.get(index=ElasticConfig.ACUNETIX_SUMMARY_INDEX,
                                  doc_type="_doc",
                                  id=id)
                # print(raw_data)
                processed_data = json.loads(processAcunetixDetail(raw_data))
            except:
                logging.exception(msg="Fail")
        except:
            logging.exception(msg="Fail")
    session['module'] = "acunetix"
    session['overview'] = False
    return render_template('acu-detail.html', response=processed_data)

Exemple #17

0

Afficher le fichier

def cve_detail():
    id = request.args.get('id')
    if id is None:
        return render_template('404.html')
    else:
        try:
            es = db_connect.connect_elasticsearch()
            try:
                raw_data = es.get(index=ElasticConfig.CVESEARCH_INDEX,
                                  doc_type="_doc",
                                  id=id)
                processed_data = processCveDetail(raw_data)
            except:
                logging.exception(msg="Fail")
        except:
            logging.exception(msg="Fail")
    session['module'] = "cve"
    session['overview'] = False
    return render_template('cve-detail.html', response=processed_data)

Exemple #18

0

Afficher le fichier

Fichier : detail.py Projet : vietnakid/WebPortalVulnerabilityManagement

def nessus_detail(id):
    if id is None:
        return render_template('404.html')
    else:
        try:
            es = db_connect.connect_elasticsearch()
            try:
                raw_data = es.get(index=ElasticConfig.NESSUS_INDEX,
                                  doc_type="_doc",
                                  id=id)
                # print(raw_data)
                processed_data = processNessusDetail(raw_data)
            except:
                logging.exception(msg="Fail")
        except:
            logging.exception(msg="Fail")
    session['module'] = "nessus"
    session['overview'] = False
    return render_template('nessus-detail.html', response=processed_data)

Exemple #19

0

Afficher le fichier

Fichier : detail.py Projet : vietnakid/WebPortalVulnerabilityManagement

def nse_detail():
    id = request.args.get('id')
    if id is None:
        return render_template('nse-detail.html')
    try:
        es = db_connect.connect_elasticsearch()
        try:
            raw_data = es.get(index=ElasticConfig.NSE_INDEX,
                              doc_type="_doc",
                              id=id)
            processed_data = json.loads(processNSEDetail(raw_data))
            print(processed_data)
        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail")
    session['module'] = "nse"
    session['overview'] = False
    return render_template('nse-detail.html', response=processed_data)

Exemple #20

0

Afficher le fichier

Fichier : user_dal.py Projet : vietnakid/WebPortalVulnerabilityManagement

def change_status_first_login(userid, status):
    try:
        es = db_connect.connect_elasticsearch()
        try:
            if status:
                status = 'true'
            else:
                status = 'false'
            body = {"script": "ctx._source.firstlogin = {}".format(status)}
            raw_data = es.update(index=ElasticConfig.USERS_INDEX,
                                 body=body,
                                 id=userid)
            if raw_data['result'] == 'updated':
                return True
            return False
        except elasticsearch.exceptions.NotFoundError:
            return False
        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail")

Exemple #21

0

Afficher le fichier

Fichier : detail.py Projet : vietnakid/WebPortalVulnerabilityManagement

def acu_detail_row(id, vul_id):
    if id is None or vul_id is None:
        return render_template('500.html')
    else:
        try:
            es = db_connect.connect_elasticsearch()
            try:
                raw_data = es.get(index=ElasticConfig.ACUNETIX_DETAIL_INDEX,
                                  doc_type="_doc",
                                  id=vul_id)
                processed_data = json.loads(
                    processDetailVulnerability(raw_data, vul_id=vul_id))
                attack = render_template_string(
                    processed_data.get('attack_detail'))
            except:
                logging.exception(msg="Fail")
        except:
            logging.exception(msg="Fail")
    return render_template('acu-detail-vul.html',
                           response=processed_data,
                           attack=attack)

Exemple #22

0

Afficher le fichier

Fichier : user_dal.py Projet : vietnakid/WebPortalVulnerabilityManagement

def increase_number_of_failure(username, flag):
    try:
        es = db_connect.connect_elasticsearch()
        try:
            body = {
                "query": {
                    "bool": {
                        "must": [{
                            "match": {
                                "username": username
                            }
                        }]
                    }
                }
            }
            raw_data = es.search(index=ElasticConfig.USERS_INDEX, body=body)
            if type(raw_data['hits']['total']) == dict:
                total = raw_data['hits']['total']['value']
            else:
                total = raw_data['hits']['total']
            if total != 0:
                userid = raw_data['hits']['hits'][0]['_id']
                failure = raw_data['hits']['hits'][0]['_source']['failure']
                if flag == 1:
                    failure = failure + 1
                    body = {"script": "ctx._source.failure += 1"}
                else:
                    body = {"script": "ctx._source.failure = 0"}
                raw_data = es.update(index=ElasticConfig.USERS_INDEX,
                                     body=body,
                                     id=userid)
                if failure >= 3:
                    disable_user(userid)
                if raw_data['result'] == 'updated':
                    return True
                return False
        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail")

Exemple #23

0

Afficher le fichier

Fichier : user_dal.py Projet : vietnakid/WebPortalVulnerabilityManagement

def update_user_by_admin(userid, new_password, fullname, role):
    try:
        if new_password:
            hashed_password = hash_pass.make_hash(new_password)
            script = "ctx._source.password = '******'; ctx._source.fullname = '{}'; ctx._source.role = {};".format(
                hashed_password, fullname, role)
        else:
            script = "ctx._source.fullname = '{}'; ctx._source.role = {};".format(
                fullname, role)
        es = db_connect.connect_elasticsearch()
        try:
            body = {"script": script}
            raw_data = es.update(index=ElasticConfig.USERS_INDEX,
                                 body=body,
                                 id=userid)
            if raw_data['result'] == 'updated':
                return True
            return False
        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail")

Exemple #24

0

Afficher le fichier

def target_detail(id):
    if id is None:
        return render_template('target-detail.html')
    else:
        try:
            es = db_connect.connect_elasticsearch()
            try:
                query_body = {
                    "size": 10000,
                    "query": {
                        "bool": {
                            "should": [
                            {
                                "query_string": {
                                "fields": ["id"],
                                "query": id
                                }
                            }
                            ]
                        }
                    }
                }
                rawData = es.search(index=ElasticConfig.ALL_INDEX, body=query_body)
                
                processed_data = processTargetData(rawData)

                nmapData = mergeNmapAndNSE(processed_data)
                wappalyzerData = processed_data.get('wappalyzer', [])
                niktoData = processed_data.get('nikto', [])
                acunetixData = processed_data.get('acunetix', [])
                nessusData = processed_data.get('nessus', [])
                cvesearchData = processed_data.get('cvesearch', [])
            except:
                logging.exception(msg="Fail")
        except:
            logging.exception(msg="Fail")
    session['module'] = "target"
    session['overview'] = False
    return render_template('target-detail.html', nmapData = nmapData, wappalyzerData = wappalyzerData, niktoData = niktoData, acunetixData = acunetixData, nessusData = nessusData, cvesearchData = cvesearchData)

Exemple #25

0

Afficher le fichier

Fichier : user_dal.py Projet : vietnakid/WebPortalVulnerabilityManagement

def search_list_user(paging_size, paging_from, search_query):
    try:
        es = db_connect.connect_elasticsearch()
        try:
            sort_query = "timestamp_created:asc"
            query_body = {
                "from": (paging_from - 1) * paging_size,
                "size": paging_size,
                "query": {
                    "query_string": {
                        "fields": ["username", "fullname"],
                        "query": "*{}*".format(search_query)
                    }
                }
            }
            raw_data = es.search(index=ElasticConfig.USERS_INDEX,
                                 size=paging_size,
                                 body=query_body,
                                 sort=sort_query)
            return raw_data
        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail")

Exemple #26

0

Afficher le fichier

Fichier : overview.py Projet : vietnakid/WebPortalVulnerabilityManagement

def nessus_overview():
    try:
        es = db_connect.connect_elasticsearch()
        try:
            # Process sort and body from arguments
            search_query = request.args.get('q') or ''
            _search_query = ' '.join('*' + _ + '*'
                                     for _ in search_query.split(' '))
            paging_from = int(request.args.get('page') or 1)
            paging_size = ElasticConfig.DEFAULT_PAGE_SIZE
            if 'size' in request.args:
                paging_size = int(request.args.get('size'))
                session['paging_size'] = paging_size
            elif 'paging_size' in session:
                paging_size = session['paging_size']
            sort = request.args.get('sort')
            index = request.args.get('index')
            if index is None:
                index = "scanstat.startTime"
            if sort is None:
                sort = "desc"
            sort_query = generateSortQuery(sort, index)
            query_body = {
                "_source": [
                    "target", "vuln_stats", "scanstat", "hostname", "ports",
                    "scan_id", "scan_name", "root_scan_id"
                ],
                "from": (paging_from - 1) * paging_size,
                "size":
                paging_size,
                "query": {
                    "bool": {
                        "filter": {
                            "bool": {
                                "should": [{
                                    "query_string": {
                                        "fields": [
                                            "target", "hostname", "scan_id",
                                            "scan_name"
                                        ],
                                        "query":
                                        _search_query
                                    }
                                }]
                            }
                        }
                    }
                }
            }
            # Process data
            rawData = es.search(index=ElasticConfig.NESSUS_INDEX,
                                body=query_body,
                                sort=sort_query)
            processed_data = processNessus(rawData)
            paging_total = processed_data['total']
            paging = {
                "paging_from":
                paging_from,
                "paging_size":
                paging_size,
                "paging_total":
                paging_total,
                "left_page":
                max(paging_from - 2, 1),
                "right_page":
                min(
                    max(paging_from - 2, 1) + 4,
                    math.ceil(paging_total / paging_size))
            }
            if sort == "desc":
                sort = "asc"
            else:
                sort = "desc"
        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail")
    session['module'] = "nessus"
    session['overview'] = True
    return render_template('nessus.html',
                           response=processed_data,
                           search_query=search_query,
                           sorting=sort,
                           index=index,
                           paging=paging)

Exemple #27

0

Afficher le fichier

def getDataFromElastic(targetIds):

    result = dict()
    try:
        es = db_connect.connect_elasticsearch()
        query_body = {
            "query": {
                "bool": {
                    "should": [{
                        "query_string": {
                            "fields": ["id"],
                            "query": targetIds
                        }
                    }]
                }
            },
            "size": 0,
            "aggs": {
                "group_by_target_id": {
                    "terms": {
                        "field": "id.keyword",
                        "size": ElasticConfig.MAX_SIZE_AGGS
                    },
                    "aggs": {
                        "informational": {
                            "sum": {
                                "field": "vuln_stats.informational"
                            }
                        },
                        "low": {
                            "sum": {
                                "field": "vuln_stats.low"
                            }
                        },
                        "medium": {
                            "sum": {
                                "field": "vuln_stats.medium"
                            }
                        },
                        "high": {
                            "sum": {
                                "field": "vuln_stats.high"
                            }
                        }
                    }
                }
            }
        }
        rawData = es.search(index=[
            ElasticConfig.ACUNETIX_SUMMARY_INDEX,
            ElasticConfig.CVESEARCH_INDEX, ElasticConfig.NESSUS_INDEX,
            ElasticConfig.NIKTO_INDEX
        ],
                            body=query_body)
        processing_data = rawData['aggregations']["group_by_target_id"][
            "buckets"]
        for data in processing_data:
            res = {
                "low": int(data['low']['value']),
                "informational": int(data['informational']['value']),
                "high": int(data['high']['value']),
                "medium": int(data['medium']['value'])
            }
            result[data.get('key')] = res

    except:
        logging.exception(msg="Something went wrong!")
    return result

Exemple #28

0

Afficher le fichier

def targets_overview():
    try:
        es = db_connect.connect_elasticsearch()
        try:
            # Bar chart
            raw_top_target = es.search(
                index=ElasticConfig.VULNERABILITY_INDEX,
                body=DashboardQueryBody.TARGET_VUL_COUNT)
            top_target = json.loads(process_bar_chart(raw_top_target))

            # Process sort and body from arguments
            search_query = request.args.get('q') or ''
            _search_query = ' '.join('*' + _ + '*'
                                     for _ in search_query.split(' '))
            paging_from = int(request.args.get('page') or 1)
            paging_size = ElasticConfig.DEFAULT_PAGE_SIZE
            if 'size' in request.args:
                paging_size = int(request.args.get('size'))
                session['paging_size'] = paging_size
            elif 'paging_size' in session:
                paging_size = session['paging_size']
            sort = request.args.get('sort')
            index = request.args.get('index')
            if index is None:
                index = "scanstat.startTime"
            if sort is None:
                sort = "desc"
            sort_query = generateSortQuery(sort, index)
            query_body = {
                "_source": [
                    "target", "hostname", "status", "root_scan_id", "scan_id",
                    "scan_name", "scanstat.startTime", "id"
                ],
                "from": (paging_from - 1) * paging_size,
                "size":
                paging_size,
                "query": {
                    "bool": {
                        "should": [{
                            "query_string": {
                                "fields": [
                                    "target", "hostname", "status", "scan_id",
                                    "scan_name"
                                ],
                                "query":
                                _search_query
                            }
                        }]
                    }
                }
            }
            # Process data
            rawData = es.search(index=ElasticConfig.NMAP_INDEX,
                                body=query_body,
                                sort=sort_query)
            processed_data = processScan(rawData)

            targetIds = ''
            for data in processed_data['records']:
                targetIds += data["id"] + ' '

            summary_result = getSummaryResult(targetIds)

            for i in range(len(processed_data['records'])):
                data = processed_data['records'][i]
                processed_data['records'][i][
                    'summary_result'] = summary_result[
                        processed_data['records'][i]['id']]
            paging_total = processed_data['total']
            paging = {
                "paging_from":
                paging_from,
                "paging_size":
                paging_size,
                "paging_total":
                paging_total,
                "left_page":
                max(paging_from - 2, 1),
                "right_page":
                min(
                    max(paging_from - 2, 1) + 4,
                    math.ceil(paging_total / paging_size))
            }
            if sort == "desc":
                sort = "asc"
            else:
                sort = "desc"
        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail When Connect To ElasticSearch Database")
    session['module'] = "target"
    session['overview'] = True
    return render_template('targets.html',
                           response=processed_data,
                           search_query=search_query,
                           index=index,
                           sorting=sort,
                           paging=paging,
                           top_target=top_target)

Exemple #29

0

Afficher le fichier

def vulnerability_overview():
    try:
        es = db_connect.connect_elasticsearch()
        try:
            # Chart
            vul_count_raw = es.search(index=ElasticConfig.VULNERABILITY_INDEX,
                                      body=DashboardQueryBody.VUL_COUNT)
            vul_count = json.loads(count_vul(vul_count_raw))

            # Process sort and body from arguments
            q = request.args.get('q')
            paging_from = int(request.args.get('page') or 1)
            paging_size = ElasticConfig.DEFAULT_PAGE_SIZE
            if 'size' in request.args:
                paging_size = int(request.args.get('size'))
                session['paging_size'] = paging_size
            elif 'paging_size' in session:
                paging_size = session['paging_size']
            sort = request.args.get('sort')
            index = request.args.get('index')
            if index is None:
                index = "scanstat.startTime"
            if sort is None:
                sort = "desc"
            sort_query = generateSortQuery(sort, index)
            body = generateBody(q, paging_from, paging_size)

            # Process data
            rawData = es.search(index=ElasticConfig.VULNERABILITY_INDEX,
                                body=body,
                                sort=sort_query)

            processed_data = process_vulnerability(rawData)
            # Backward version of elasticSearch compatitive
            if type(rawData['hits']['total']) == dict:
                paging_total = rawData['hits']['total']['value']
            else:
                paging_total = rawData['hits']['total']

            paging = {
                "paging_from":
                paging_from,
                "paging_size":
                paging_size,
                "paging_total":
                paging_total,
                "left_page":
                max(paging_from - 2, 1),
                "right_page":
                min(
                    max(paging_from - 2, 1) + 4,
                    math.ceil(paging_total / paging_size))
            }
            if sort == "desc":
                sort = "asc"
            else:
                sort = "desc"
        except:
            logging.exception(msg="Fail!")
    except:
        logging.exception(msg="Fail")
    session['module'] = "vulnerability"
    session['overview'] = True
    return render_template('vulnerability.html',
                           response=processed_data,
                           q=q,
                           sorting=sort,
                           index=index,
                           paging=paging,
                           vul_count=vul_count)

Exemple #30

0

Afficher le fichier

Fichier : overview.py Projet : vietnakid/WebPortalVulnerabilityManagement

def scan_overview():
    try:
        es = db_connect.connect_elasticsearch()
        try:
            # Process sort and body from arguments
            search_query = request.args.get('q') or ''
            _search_query = ' '.join(
                '*'+_+'*' for _ in search_query.split(' '))
            paging_from = int(request.args.get('page') or 1)
            paging_size = ElasticConfig.DEFAULT_PAGE_SIZE
            if 'size' in request.args:
                paging_size = int(request.args.get('size'))
                session['paging_size'] = paging_size
            elif 'paging_size' in session:
                paging_size = session['paging_size']

            sort = request.args.get('sort')
            index = request.args.get('index')
            if index is None:
                index = "scanstat.startTime"
            if sort is None:
                sort = "desc"
            sort_query = generateSortQuery(sort, index)
            query_body = {
                "_source": ["target", "created_date", "next_run_at", "next_run_at", "run_interval", "scan_type", "scanned_time", "name", "description", "isStopped"],
                "from": (paging_from - 1) * paging_size,
                "size": paging_size,
                "query": {
                    "bool": {
                        "filter": {
                            "bool": {
                                "must_not": [
                                    {"match": {"isDeleted": True}}
                                ],
                                "should": [
                                    {
                                        "query_string": {
                                            "fields": ["target"],
                                            "query": _search_query
                                        }
                                    }
                                ]
                            }
                        }
                    }
                }
            }
            # Process data
            rawData = es.search(
                index=ElasticConfig.SCAN_INDEX, body=query_body, sort=sort_query)
            processed_data = processScan(rawData)

            root_scan_id = ''
            for data in processed_data['records']:
                root_scan_id += data["id"] + ' '

            summary_result = getSummaryResult(root_scan_id)

            for i in range(len(processed_data['records'])):
                data = processed_data['records'][i]
                processed_data['records'][i]['summary_result'] = summary_result[processed_data['records'][i]['id']]

            paging_total = processed_data['total']
            paging = {
                "paging_from": paging_from,
                "paging_size": paging_size,
                "paging_total": paging_total,
                "left_page": max(paging_from - 2, 1),
                "right_page": min(max(paging_from - 2, 1) + 4, math.ceil(paging_total / paging_size))
            }
            if sort == "desc":
                sort = "asc"
            else:
                sort = "desc"
        except:
            logging.exception(msg="Fail")
    except:
        logging.exception(msg="Fail")
    session['module'] = "scan"
    session['overview'] = True
    return render_template('scan.html', response=processed_data, search_query=search_query, sorting=sort, index=index, paging=paging)