def __init__(self): Thread.__init__(self) Observable.__init__(self) self.scanListe = [] self.ScannerNessus = Nessus() self.attenteNessus = [] try: self.ScannerNessus.connexion() except: pass self.log = log(CHEMIN_LOGS + 'scan.log', 'scanner.' + 'srv_tache')
def testConnectionNessus(address,port,login,password,verify=False): try: verify=True if (verify=='True' or verify=='true' or verify=='on' or verify==True) else False ScannerNessus=Nessus(address,port,verify) ScannerNessus.connexion(login,password) ScannerNessus.deconnexion() except Exception as e: erreur=str(e) if re.search('Connection refused',erreur)!=None: raise ValueError('Connection impossible') elif erreur=='Invalid Credentials': raise ValueError("Erreur d'authentification") else: raise ValueError('Erreur: '+str(e))
def __init__(self): Thread.__init__(self) Observable.__init__(self) self.scanListe=[] self.ScannerNessus=Nessus() self.attenteNessus=[] try: self.ScannerNessus.connexion() except: pass self.log=log(CHEMIN_LOGS+'scan.log','scanner.'+'srv_tache')
def testConnectionNessus(address, port, login, password, verify=False): try: verify = True if (verify == 'True' or verify == 'true' or verify == 'on' or verify == True) else False ScannerNessus = Nessus(address, port, verify) ScannerNessus.connexion(login, password) ScannerNessus.deconnexion() except Exception as e: erreur = str(e) if re.search('Connection refused', erreur) != None: raise ValueError('Connection impossible') elif erreur == 'Invalid Credentials': raise ValueError("Erreur d'authentification") else: raise ValueError('Erreur: ' + str(e))
class serveurTache(Thread, Observable): def __init__(self): Thread.__init__(self) Observable.__init__(self) self.scanListe = [] self.ScannerNessus = Nessus() self.attenteNessus = [] try: self.ScannerNessus.connexion() except: pass self.log = log(CHEMIN_LOGS + 'scan.log', 'scanner.' + 'srv_tache') def notify(self, emetteur, *args, **kwargs): #emetteur=kwargs.pop('emetteur') #On verifie qu'il s'agise de nmap if isinstance(emetteur, Scan): #Traitement des demandandes de log if kwargs.has_key('log'): log = kwargs.pop('log') self.log.ecrire(log['message'], log['type']) #Traitement des actions demandé par la class Scan if kwargs.has_key('tache'): tache = kwargs.pop('tache') action = tache['action'] if action == 'nessus_addScan': #demandé lors de l'instanciation de la parametres = tache['param'] try: nessus_id = self.ScannerNessus.nouveauScan( parametres['policy_id'], parametres['cibles'], parametres['nom'], parametres['description']) emetteur.nessusSetID(int(nessus_id)) except Exception as e: pass elif action == 'nessus_getRapport': parametres = tache['param'] try: self.ScannerNessus.getRapport( parametres['id'], parametres['format'], parametres['localisation']) except Exception as e: if (str(e) == 'Invalid Credentials'): self.ScannerNessus.connexion() self.ScannerNessus.getRapport( parametres['id'], parametres['format'], parametres['localisation']) if kwargs.has_key('status') or kwargs.has_key('status_import'): self.updateStatusBase(emetteur) def updateStatusBase(self, scan): ''' Cette fonction permet de controler si le scan est termine et mettre à jour son status en base A noter que le status en base est un status general englobant a la fois le status nmap et nessus ''' temp = scan.getObject() nessus_status = temp['nessus']['status'] nessus_import = temp['nessus']['import'] nmap_status = temp['nmap']['status'] nmap_import = temp['nmap']['import'] id_scan = temp['id_scan'] nom_unique = temp['nom_unique'] type_scan = temp['type_scan'] erreurs = scan.getErreurs() del temp cursor = connection.cursor() status_completed = ['disable', 'completed'] status_completed_with_error = [ 'disable', 'completed', 'completed_with_error' ] status_error = [ 'disable', 'error', 'completed', 'completed_with_error', 'stopping', 'canceled' ] d = datetime.datetime.now() tz = pytz.timezone('Europe/Paris') date_fin = tz.localize(d) if nessus_status == 'running' or nmap_status == 'running': cursor.execute( 'UPDATE scans_status SET etat=\'running\' WHERE id=%s', [id_scan]) else: #Données pour l'envoie de mail infos_scan = { 'id': str(id_scan), 'status': None, 'nessus': None, 'nmap': None, 'erreurs': erreurs } infos_scan[ 'nessus'] = True if nessus_status != 'disable' else False infos_scan['nmap'] = True if nmap_status != 'disable' else False if (nmap_status in status_completed) and ( nmap_import in status_completed) and ( nessus_status in status_completed) and (nessus_import in status_completed): self.generationRapport(id_scan, nom_unique, type_scan) status = "completed" infos_scan['status'] = status message = '[' + str(id_scan) + ']= Scan termine avec success' level = 'info' elif (nmap_status in status_completed_with_error) and ( nmap_import in status_completed_with_error) and ( nessus_status in status_completed_with_error) and ( nessus_import in status_completed_with_error): self.generationRapport(id_scan, nom_unique, type_scan) status = "completed_with_error" infos_scan['status'] = status message = '[' + str( id_scan) + ']= Scan termine avec des erreurs' level = 'error' elif (nmap_status in status_error) and (nmap_import in status_error) and ( nessus_status in status_error) and (nessus_import in status_error): f.write("error\n") status = "error" infos_scan['status'] = status message = '[' + str(id_scan) + ']= Echec du scan :(' level = 'warning' else: status = None if status is not None: cursor.execute( 'UPDATE scans_status SET etat=%s, date_fin=%s WHERE id=%s', [status, date_fin, id_scan]) self.log.ecrire(message, level) self.supprimerScan(id_scan) try: envoieMail(infos_scan) except Exception as e: message = '[' + str( id_scan) + "]= Echec d envoie des mails " + str(e) level = "warning" self.log.ecrire(message, level) cursor.close() def generationRapport(self, id_scan, nom_unique, type_scan): self.log.ecrire( '[' + str(id_scan) + "]= Génération du rapport d'évolution en cours...", 'info') try: creerRapportEvolution(nom_unique, id_scan, type_scan) self.log.ecrire( '[' + str(id_scan) + "]= La génération du rapport d'évolution a réussi", 'info') except Exception as e: erreur = "La génération du rapport d'évolution a échoué " + str(e) self.log.ecrire('[' + str(id_scan) + "]= " + str(erreur), 'info') def addScan(self, tableau_ip, id_scan, type_scan): cursor = connection.cursor() if type_scan == 'manuel': cursor.execute('SELECT * FROM scans_manuels WHERE id=%s LIMIT 1', [id_scan]) dictScan = dictfetchall(cursor) else: cursor.execute( 'SELECT * FROM scans_plannifies WHERE id=%s LIMIT 1', [id_scan]) dictScan = dictfetchall(cursor) nmap = dictScan[0]['nmap'] nessus = dictScan[0]['nessus'] nmapOptions = dictScan[0]['nmap_options'] if nmap == True else None policy_id = dictScan[0]['nessus_policy_id'] if nessus == True else None tz = pytz.timezone('Europe/Paris') date_lancement = datetime.datetime.now() date_postgresql = tz.localize(date_lancement) date_lancement = datetime.datetime.now() cursor.execute( 'INSERT INTO scans_status (date_lancement,etat,type) VALUES (%s,\'ready\',%s)', [date_postgresql, str(type_scan)]) cursor.execute( 'SELECT id FROM scans_status WHERE date_lancement=%s AND etat=%s AND type=%s LIMIT 1', [date_postgresql, 'ready', str(type_scan)]) temp = dictfetchall(cursor) id_scan_status = temp[0]['id'] #Le nom unique sera utilisé pour: # - le nom du rapport PDF # - l'instance de log nom_unique = str(id_scan_status) + '__' + str(date_lancement).replace( ' ', '_').split('.')[0] if type_scan == 'manuel': cursor.execute( 'INSERT INTO scan_manuel_status (id_scans_status,id_scan_manuel) VALUES(%s,%s)', [str(id_scan_status), str(id_scan)]) chemin_rapport = CHEMIN_RAPPORT + 'ScansManuels/' + str( id_scan_status) + '/' os.makedirs(chemin_rapport) else: for ip in tableau_ip: cursor.execute( 'INSERT INTO scan_hote (id_scan,ip) VALUES(%s,%s)', [str(id_scan_status), ip]) cursor.execute( 'INSERT INTO scan_plannifie_status (id_scan_plannifie,id_scans_status) VALUES(%s,%s)', [id_scan, str(id_scan_status)]) chemin_rapport = CHEMIN_RAPPORT + 'ScansPlannifies/' + str( id_scan) + '/' + str(id_scan_status) + '/' os.makedirs(chemin_rapport) cursor.close() #On instancie notre scan et on le place dans la liste scan = Scan(id_scan_status, nom_unique, type_scan, chemin_rapport, tableau_ip, nmapOptions, policy_id) self.scanListe.append({'id': id_scan_status, 'scan': scan}) #On ajoute reciproquement en observateur le scan et le serveur de tâche #Dans le premier cas pour pouvoir logger l'avancement du scan dans un fichier de log # et lancer des commande Nessus (une seule instance Nessus pour n Scan) #Dans le second pour avertir le scan lorsque le scan Nessus est fini scan.add_observer(self, 'dispatcher') self.add_observer(scan, str(id_scan_status)) if nessus == True: try: nessus_id = self.ScannerNessus.nouveauScan( policy_id, tableau_ip, nom_unique, 'Scan DJANGO') scan.nessusSetID(int(nessus_id)) self.ScannerNessus.lancerScan(int(nessus_id)) self.log.ecrire( '[' + str(id_scan_status) + ']= Demmarage du scan nessus', 'info') except Exception as e: self.attenteNessus.append({ 'action': 'ajout_scan', 'id_scan_status': id_scan_status, 'scan': scan, 'policy_id': policy_id, 'tableau_ip': tableau_ip, 'nom_unique': nom_unique, 'info': 'Scan DJANGO' }) self.log.ecrire( "[" + str(id_scan_status) + "]= Echec de l'ajout du scan Nessus, " + str(e), "error") if nmap == True: scan.demarrerScanNmap() def demarrerScan(self, id_scan, type_scan): scan = self.getScan(id_scan) if scan.nessusGetStatus() == 'ready' and (type_scan == 'nessus' or type_scan == 'all'): self.ScannerNessus.lancerScan(scan.nessusGetID()) self.log.ecrire('[' + str(id_scan) + ']= Demmarage du Scan Nessus', 'info') if scan.nmapGetStatus() == 'ready' and (type_scan == 'nmap' or type_scan == 'all'): scan.demarrerScanNmap() def supprimerScan(self, id_scan_status): ''' Permet de supprimer un scan de la liste en cours ''' for scan in self.scanListe: if int(scan['id']) == int(id_scan_status): sc = scan['scan'] id_nessus = sc.nessusGetID() if id_nessus is not None: try: self.ScannerNessus.supprimerScan(id_nessus) except: self.attenteNessus.append({ 'action': 'supprimer_scan', 'id_scan_nessus': id_nessus }) self.scanListe.remove(scan) break def getScanProgress(self, id_scan, type_scan): scan = self.getScan(id_scan) if type_scan == 'nmap': return scan.nmapGetProgress() if type_scan == 'nessus': return scan.nessusGetProgress() def getScan(self, id_scan): for elem in self.scanListe: if int(elem['id']) == int(id_scan): return elem['scan'] cursor = connection.cursor() cursor.execute( 'SELECT id_scans_status FROM scan_manuel_status WHERE id_scan_manuel=%s LIMIT 1', [str(id_scan)]) temp = dictfetchall(cursor) id_scan = temp[0]['id_scans_status'] for elem in self.scanListe: if int(elem['id']) == int(id_scan): return elem['scan'] raise Exception('scan non présent en base') def getListeScan(self): reponse = [] for elem in self.scanListe: reponse.append(elem['scan'].getObject()) return reponse def tentativeReconnexion(self): """ Gestion des tentatives de reconnexion au serveur Nessus et à la reprise des tâches en attentes """ self.log.ecrire('Tentative de reconnexion au serveur Nessus', 'debug') timeout = 10 compteur = 0 reussi = False while compteur < timeout: try: self.ScannerNessus.connexion() self.log.ecrire('Reconnexion réussi', 'debug') reussi = True break except Exception as e: time.sleep(10) compteur += 1 if reussi == False: self.log.ecrire( 'Echec de reconnexion au serveur Nessus: ' + str(e), 'error') else: #si la connexion reussi on verifie si des scans sont en attente d'ajout if len(self.attenteNessus) > 0: self.log.ecrire('Traitement des tâches Nessus en attente', 'debug') for scan_en_attente in self.attenteNessus: try: if scan_en_attente['action'] == 'ajout_scan': scan = scan_en_attente['scan'] policy_id = scan_en_attente['policy_id'] tableau_ip = scan_en_attente['tableau_ip'] nom_unique = scan_en_attente['nom_unique'] info = scan_en_attente['info'] id_scan_status = scan_en_attente['id_scan_status'] nessus_id = self.ScannerNessus.nouveauScan( policy_id, tableau_ip, nom_unique, 'Scan DJANGO') scan.nessusSetID(int(nessus_id)) self.ScannerNessus.lancerScan(int(nessus_id)) self.log.ecrire( '[' + str(id_scan_status) + ']= Demmarage du scan nessus', 'info') elif scan_en_attente['action'] == 'ajout_scan': id_scan_nessus = scan_en_attente['id_scan_nessus'] self.ScannerNessus.supprimerScan(id_scan_nessus) self.log.ecrire( 'Suppresion du scan Nessus N°' + str(id_scan_nessus), 'debug') except Exception as e: self.log.ecrire( 'Erreur d etraitement de la tâche en attente ' + str(e), 'error') else: self.attenteNessus.remove(scan_en_attente) def run(self): ''' On fait des requêtes auprès de Nessus afin de récupérer régulièrement le status et la progression des scans Puis on compare les résultats avec les précédents En cas d'évolution, on prévient les scans ''' while True: try: time.sleep(10) status = self.ScannerNessus.listScanStatusAndProgress( DIRECTORY_ID) for scan in self.scanListe: id_scan = scan['id'] nessus_id = scan['scan'].nessusGetID() nessus_status = scan['scan'].nessusGetStatus() nessus_progress = scan['scan'].nessusGetProgress() for elem in status: if elem['id'] == nessus_id: if elem['status'] != nessus_status: self.notify_observers(str(id_scan), status=elem['status']) if int(elem['progress']) != int(nessus_progress): self.notify_observers( str(id_scan), progress=elem['progress']) #En cas de perte de la connexion avec Nessus except requests.exceptions.ConnectionError: self.log.ecrire('Perte de la connexion au serveur Nessus', 'warning') self.tentativeReconnexion() except Exception as e: #Dans le cas ou la session trop longtemps, elle passe en timeout #On se reconnecte donc if (str(e) == 'Invalid Credentials'): self.log.ecrire('Connexion timeout, reconnexion...', 'debug') elif (str(e) == 'You need to log in to perform this request'): self.log.ecrire('Perte de la connexion au serveur Nessus', 'warning') else: self.log.ecrire(str(e), 'warning') self.tentativeReconnexion()
class serveurTache(Thread,Observable): def __init__(self): Thread.__init__(self) Observable.__init__(self) self.scanListe=[] self.ScannerNessus=Nessus() self.attenteNessus=[] try: self.ScannerNessus.connexion() except: pass self.log=log(CHEMIN_LOGS+'scan.log','scanner.'+'srv_tache') def notify(self,emetteur,*args,**kwargs): #emetteur=kwargs.pop('emetteur') #On verifie qu'il s'agise de nmap if isinstance(emetteur,Scan): #Traitement des demandandes de log if kwargs.has_key('log'): log=kwargs.pop('log') self.log.ecrire(log['message'],log['type']) #Traitement des actions demandé par la class Scan if kwargs.has_key('tache'): tache=kwargs.pop('tache') action=tache['action'] if action=='nessus_addScan': #demandé lors de l'instanciation de la parametres=tache['param'] try: nessus_id=self.ScannerNessus.nouveauScan(parametres['policy_id'],parametres['cibles'],parametres['nom'],parametres['description']) emetteur.nessusSetID(int(nessus_id)) except Exception as e: pass elif action=='nessus_getRapport': parametres=tache['param'] try: self.ScannerNessus.getRapport(parametres['id'],parametres['format'],parametres['localisation']) except Exception as e: if(str(e)=='Invalid Credentials'): self.ScannerNessus.connexion() self.ScannerNessus.getRapport(parametres['id'],parametres['format'],parametres['localisation']) if kwargs.has_key('status') or kwargs.has_key('status_import'): self.updateStatusBase(emetteur) def updateStatusBase(self,scan): ''' Cette fonction permet de controler si le scan est termine et mettre à jour son status en base A noter que le status en base est un status general englobant a la fois le status nmap et nessus ''' temp=scan.getObject() nessus_status=temp['nessus']['status'] nessus_import=temp['nessus']['import'] nmap_status=temp['nmap']['status'] nmap_import=temp['nmap']['import'] id_scan=temp['id_scan'] nom_unique=temp['nom_unique'] type_scan=temp['type_scan'] erreurs=scan.getErreurs() del temp cursor=connection.cursor() status_completed=['disable','completed'] status_completed_with_error=['disable','completed','completed_with_error'] status_error=['disable','error','completed','completed_with_error','stopping','canceled'] d=datetime.datetime.now() tz = pytz.timezone('Europe/Paris') date_fin=tz.localize(d) if nessus_status=='running' or nmap_status=='running': cursor.execute('UPDATE scans_status SET etat=\'running\' WHERE id=%s', [id_scan]) else: #Données pour l'envoie de mail infos_scan={ 'id': str(id_scan), 'status': None, 'nessus': None, 'nmap': None, 'erreurs': erreurs } infos_scan['nessus']=True if nessus_status!='disable' else False infos_scan['nmap']=True if nmap_status!='disable' else False if (nmap_status in status_completed) and (nmap_import in status_completed) and (nessus_status in status_completed) and (nessus_import in status_completed): self.generationRapport(id_scan,nom_unique,type_scan) status="completed" infos_scan['status']=status message='['+str(id_scan)+']= Scan termine avec success' level='info' elif (nmap_status in status_completed_with_error) and (nmap_import in status_completed_with_error) and (nessus_status in status_completed_with_error) and (nessus_import in status_completed_with_error): self.generationRapport(id_scan,nom_unique,type_scan) status="completed_with_error" infos_scan['status']=status message='['+str(id_scan)+']= Scan termine avec des erreurs' level='error' elif (nmap_status in status_error) and (nmap_import in status_error) and (nessus_status in status_error) and (nessus_import in status_error): f.write("error\n") status="error" infos_scan['status']=status message='['+str(id_scan)+']= Echec du scan :(' level='warning' else: status=None if status is not None: cursor.execute('UPDATE scans_status SET etat=%s, date_fin=%s WHERE id=%s', [status,date_fin,id_scan]) self.log.ecrire(message,level) self.supprimerScan(id_scan) try: envoieMail(infos_scan) except Exception as e: message='['+str(id_scan)+"]= Echec d envoie des mails "+str(e) level="warning" self.log.ecrire(message,level) cursor.close() def generationRapport(self,id_scan,nom_unique,type_scan): self.log.ecrire('['+str(id_scan)+"]= Génération du rapport d'évolution en cours...",'info') try: creerRapportEvolution(nom_unique,id_scan,type_scan) self.log.ecrire('['+str(id_scan)+"]= La génération du rapport d'évolution a réussi",'info') except Exception as e: erreur="La génération du rapport d'évolution a échoué "+str(e) self.log.ecrire('['+str(id_scan)+"]= "+str(erreur),'info') def addScan(self,tableau_ip,id_scan,type_scan): cursor=connection.cursor() if type_scan=='manuel': cursor.execute('SELECT * FROM scans_manuels WHERE id=%s LIMIT 1',[id_scan]) dictScan=dictfetchall(cursor) else: cursor.execute('SELECT * FROM scans_plannifies WHERE id=%s LIMIT 1',[id_scan]) dictScan=dictfetchall(cursor) nmap=dictScan[0]['nmap'] nessus=dictScan[0]['nessus'] nmapOptions=dictScan[0]['nmap_options'] if nmap==True else None policy_id=dictScan[0]['nessus_policy_id'] if nessus==True else None tz = pytz.timezone('Europe/Paris') date_lancement=datetime.datetime.now() date_postgresql=tz.localize(date_lancement) date_lancement=datetime.datetime.now() cursor.execute('INSERT INTO scans_status (date_lancement,etat,type) VALUES (%s,\'ready\',%s)',[date_postgresql,str(type_scan)]) cursor.execute('SELECT id FROM scans_status WHERE date_lancement=%s AND etat=%s AND type=%s LIMIT 1',[date_postgresql,'ready',str(type_scan)]) temp=dictfetchall(cursor) id_scan_status=temp[0]['id'] #Le nom unique sera utilisé pour: # - le nom du rapport PDF # - l'instance de log nom_unique=str(id_scan_status)+'__'+str(date_lancement).replace(' ','_').split('.')[0] if type_scan=='manuel': cursor.execute('INSERT INTO scan_manuel_status (id_scans_status,id_scan_manuel) VALUES(%s,%s)',[str(id_scan_status),str(id_scan)]) chemin_rapport=CHEMIN_RAPPORT+'ScansManuels/'+str(id_scan_status)+'/' os.makedirs(chemin_rapport) else: for ip in tableau_ip: cursor.execute('INSERT INTO scan_hote (id_scan,ip) VALUES(%s,%s)',[str(id_scan_status),ip]) cursor.execute('INSERT INTO scan_plannifie_status (id_scan_plannifie,id_scans_status) VALUES(%s,%s)',[id_scan,str(id_scan_status)]) chemin_rapport=CHEMIN_RAPPORT+'ScansPlannifies/'+str(id_scan)+'/'+str(id_scan_status)+'/' os.makedirs(chemin_rapport) cursor.close() #On instancie notre scan et on le place dans la liste scan=Scan(id_scan_status,nom_unique,type_scan,chemin_rapport,tableau_ip,nmapOptions,policy_id) self.scanListe.append({'id':id_scan_status,'scan':scan}) #On ajoute reciproquement en observateur le scan et le serveur de tâche #Dans le premier cas pour pouvoir logger l'avancement du scan dans un fichier de log # et lancer des commande Nessus (une seule instance Nessus pour n Scan) #Dans le second pour avertir le scan lorsque le scan Nessus est fini scan.add_observer(self,'dispatcher') self.add_observer(scan,str(id_scan_status)) if nessus==True: try: nessus_id=self.ScannerNessus.nouveauScan(policy_id,tableau_ip,nom_unique,'Scan DJANGO') scan.nessusSetID(int(nessus_id)) self.ScannerNessus.lancerScan(int(nessus_id)) self.log.ecrire('['+str(id_scan_status)+']= Demmarage du scan nessus','info') except Exception as e: self.attenteNessus.append({'action':'ajout_scan','id_scan_status':id_scan_status,'scan':scan,'policy_id':policy_id,'tableau_ip':tableau_ip,'nom_unique':nom_unique,'info':'Scan DJANGO'}) self.log.ecrire("["+str(id_scan_status)+"]= Echec de l'ajout du scan Nessus, "+str(e),"error") if nmap==True: scan.demarrerScanNmap() def demarrerScan(self,id_scan,type_scan): scan=self.getScan(id_scan) if scan.nessusGetStatus()=='ready' and (type_scan=='nessus' or type_scan=='all'): self.ScannerNessus.lancerScan(scan.nessusGetID()) self.log.ecrire('['+str(id_scan)+']= Demmarage du Scan Nessus','info') if scan.nmapGetStatus()=='ready' and (type_scan=='nmap' or type_scan=='all'): scan.demarrerScanNmap() def supprimerScan(self,id_scan_status): ''' Permet de supprimer un scan de la liste en cours ''' for scan in self.scanListe: if int(scan['id'])==int(id_scan_status): sc=scan['scan'] id_nessus=sc.nessusGetID() if id_nessus is not None: try: self.ScannerNessus.supprimerScan(id_nessus) except: self.attenteNessus.append({'action':'supprimer_scan','id_scan_nessus':id_nessus}) self.scanListe.remove(scan) break def getScanProgress(self,id_scan,type_scan): scan=self.getScan(id_scan) if type_scan=='nmap': return scan.nmapGetProgress() if type_scan=='nessus': return scan.nessusGetProgress() def getScan(self,id_scan): for elem in self.scanListe: if int(elem['id'])==int(id_scan): return elem['scan'] cursor=connection.cursor() cursor.execute('SELECT id_scans_status FROM scan_manuel_status WHERE id_scan_manuel=%s LIMIT 1',[str(id_scan)]) temp=dictfetchall(cursor) id_scan=temp[0]['id_scans_status'] for elem in self.scanListe: if int(elem['id'])==int(id_scan): return elem['scan'] raise Exception('scan non présent en base') def getListeScan(self): reponse=[] for elem in self.scanListe: reponse.append(elem['scan'].getObject()) return reponse def tentativeReconnexion(self): """ Gestion des tentatives de reconnexion au serveur Nessus et à la reprise des tâches en attentes """ self.log.ecrire('Tentative de reconnexion au serveur Nessus','debug') timeout = 10 compteur = 0 reussi=False while compteur < timeout: try: self.ScannerNessus.connexion() self.log.ecrire('Reconnexion réussi','debug') reussi=True break except Exception as e: time.sleep(10) compteur+=1 if reussi==False: self.log.ecrire('Echec de reconnexion au serveur Nessus: '+str(e),'error') else: #si la connexion reussi on verifie si des scans sont en attente d'ajout if len(self.attenteNessus)>0: self.log.ecrire('Traitement des tâches Nessus en attente','debug') for scan_en_attente in self.attenteNessus: try: if scan_en_attente['action']=='ajout_scan': scan=scan_en_attente['scan'] policy_id=scan_en_attente['policy_id'] tableau_ip=scan_en_attente['tableau_ip'] nom_unique=scan_en_attente['nom_unique'] info=scan_en_attente['info'] id_scan_status=scan_en_attente['id_scan_status'] nessus_id=self.ScannerNessus.nouveauScan(policy_id,tableau_ip,nom_unique,'Scan DJANGO') scan.nessusSetID(int(nessus_id)) self.ScannerNessus.lancerScan(int(nessus_id)) self.log.ecrire('['+str(id_scan_status)+']= Demmarage du scan nessus','info') elif scan_en_attente['action']=='ajout_scan': id_scan_nessus=scan_en_attente['id_scan_nessus'] self.ScannerNessus.supprimerScan(id_scan_nessus) self.log.ecrire('Suppresion du scan Nessus N°'+str(id_scan_nessus),'debug') except Exception as e: self.log.ecrire('Erreur d etraitement de la tâche en attente '+str(e),'error') else: self.attenteNessus.remove(scan_en_attente) def run(self): ''' On fait des requêtes auprès de Nessus afin de récupérer régulièrement le status et la progression des scans Puis on compare les résultats avec les précédents En cas d'évolution, on prévient les scans ''' while True: try: time.sleep(10) status=self.ScannerNessus.listScanStatusAndProgress(DIRECTORY_ID) for scan in self.scanListe: id_scan=scan['id'] nessus_id=scan['scan'].nessusGetID() nessus_status=scan['scan'].nessusGetStatus() nessus_progress=scan['scan'].nessusGetProgress() for elem in status: if elem['id']==nessus_id: if elem['status']!=nessus_status: self.notify_observers(str(id_scan),status=elem['status']) if int(elem['progress'])!=int(nessus_progress): self.notify_observers(str(id_scan),progress=elem['progress']) #En cas de perte de la connexion avec Nessus except requests.exceptions.ConnectionError: self.log.ecrire('Perte de la connexion au serveur Nessus','warning') self.tentativeReconnexion() except Exception as e: #Dans le cas ou la session trop longtemps, elle passe en timeout #On se reconnecte donc if(str(e)=='Invalid Credentials'): self.log.ecrire('Connexion timeout, reconnexion...','debug') elif(str(e)=='You need to log in to perform this request'): self.log.ecrire('Perte de la connexion au serveur Nessus','warning') else: self.log.ecrire(str(e),'warning') self.tentativeReconnexion()